The UK’s data privacy authority is investigating a privacy breach affecting Kate, Princess of Wales, after three hospital staff members reportedly tried to access the royal’s private medical information. But the princess’s medical privacy troubles are familiar to many, with one in three people in the United States affected by a health-related data breach last year.
The Associated Press reported last month that a cybersecurity analyst counted 46 attacks on hospitals in 2023, compared to 25 in 2022, an increase reflected in the number of U.S. patient records exposed last year: an astounding 133 million. And hackers are making even more money with each cyberattack, with the average payout jumping from $5,000 in 2018 to $1.5 million last year.
“Unless governments do something more meaningful and important than what they have done so far, it is inevitable that things will get worse,” the analyst said.
However, the Department of Health and Human Services announced that the total number of medical hacks last year reached 725, a record high. USA Today reported that the majority of the worst hacks (the top 20, each with at least 1 million records exposed) targeted hospital contractors and medical vendors. According to the Centers for Medicare and Medicaid Services, a Russian ransomware group hacked U.S. government software written by federal contractors, affecting approximately 2.3 million Medicare beneficiaries and 2,000 businesses, government agencies and universities. Reportedly, 10 million people had their data leaked.
Officials at the U.S. Department of Homeland Security issued a similar warning following a major cyberattack on a children’s hospital in Chicago on January 31st. Cyberattacks are rapidly expanding and are targeting not only hospitals but also doctors, medical vendors, and other healthcare companies. Most recently, HHS began investigating the massive February 21st breach at a subsidiary of UnitedHealth Group, in which sensitive data of millions of patients may have been compromised.
“Given the unprecedented scale of this cyberattack and in the best interests of patients and healthcare providers, OCR has begun an investigation into this incident,” the HHS Office for Civil Rights said in a statement last week.
3 things the US can do to protect data privacy
Controversial legislative efforts to ban TikTok have garnered a lot of national attention, but this week Congress made a more effective data privacy move when members of the House of Representatives unanimously passed a bill banning third-party data brokers from selling data to U.S. geopolitical adversaries like Russia and China. As Gizmodo reported, the Protecting Americans’ Data from Foreign Adversaries Act (HR 7520) passed the House on Wednesday by a vote of 414-0 and now heads to the Senate.
The bill also builds on previous efforts by the Federal Trade Commission to strengthen protections for sensitive health data, including information such as precise location data, genetic data, and personal emails and texts. The sale or sharing of such information by brokers is prohibited.
Related: https://www.salon.com/2024/01/11/abortion-ftc-xmode-privacy-location-tech-data/
The Biden administration and the Environmental Protection Agency are also stepping up state-level defenses to “neutralize cyberattacks,” warning that the nation’s critical water, wastewater, and power grids are under attack. The government has also recently pushed for improved privacy risk labeling for consumer smart home devices and technologies.
What you can do to strengthen your data privacy
1. Check for breaches
If you want to see whether any of your email addresses have been compromised in a data breach or hack, visit haveibeenpwned.com and enter your email address in the site’s search bar. Security expert Troy Hunt, the site’s owner and creator, has offered the free service since 2013, and the site checks your email address against a database of nearly 8 billion compromised accounts.
2. Use trusted open source privacy tools
If you’re finally tired of keeping track of (and regularly resetting) dozens of passwords, consider installing the open-source password manager Bitwarden in your browser. Free privacy and cybersecurity tools are usually not recommended, but Bitwarden is an exception. It offers the most powerful free tier among its competitors, is compatible with almost all browsers, has little learning curve, and provides convenient instructions for importing your list of saved passwords.
3. Use decoy accounts to poison your data
Whenever you enter your name on a website to sign up for a new service or place an order, you can use two tactics: fake identities and email accounts (to the fullest extent permitted by law), and poisoned data. The fake identity part is self-explanatory. Data poisoning is easy: when filling out online forms, enter the name of the website or service you are using in the field reserved for your middle name. For example, if I start receiving junk mail or spam from random companies and it’s addressed to “Rae Amazon Hodge,” I’ll know exactly which company sold me out.


