Slashdot Mirror
Why Chinese Hackers Would Want US Hospital Patient Data
itwbennett (1594911) writes In a follow-up to yesterday's story about the Chinese hackers who stole hospital data of 4.5 million patients, IDG News Service's Martyn Williams set out to learn why the data, which didn't include credit card information, was so valuable. The answer is depressingly simple: people without health insurance can potentially get treatment by using medical data of one of the hacking victims. John Halamka, chief information officer of the Beth Israel Deaconess Medical Center and chairman of the New England Healthcare Exchange Network, said a medical record can be worth between $50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password. "If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details," he said.
Time for medicare for all in the usa also the million-dollar heart transplant is loaded with markup where you can likely go out side of the usa and pay way less for it.
also due to court rulings in favor of inmate care you can just go to prison / jail to get one as well.
http://www.cbsnews.com/news/pr...
Are there documented cases where the uninsured poor have bought blackmarket medical records to get healthcare? This seem preposterous.
The thesis is that you can waltz into a doctor's office AND a hospital with faked records and get the treatment needed. Basically the important bit is the insurance info - what has happened to "you" is less important than what you want to eventually happen to you (in the example given, a heart transplant).
I kinda doubt this, at least in a general sense. First off, you can show all the insurance cards and 'insurance info' to the medical provider all you want. The provider is going to query the insurance company before doing anything expensive. Fine, you say, call them all you want, the 'patient' is insured (it's just not the right patient). Now comes the hard part. The minute that the insurance company starts getting claims from both Peoria and Trenton, NJ flags are going to go up. Other old records would be sought (for something big like a transplant or joint replacement) which would likely not match.
Anything remotely resembling a heart transplant is going to fall apart unless both the real and fake patient have nearly identical physiques, ages and problems. More routine issues could go undetected for a while but persistent discrepancies would show up and as soon as the insurance company flagged the claim as problematic, big ticket items would be placed on hold until things go cleared up. When I worked in an early Medicaid HMO in the 1980's we had some problems with folks 'sharing' the Medicaid ID card (no picture, just a printout basically). It was pretty obvious when the patient's weight varied 30 pounds every other week. We soon insisted on photo ID.
And, in fact, the feds also insist on photo ID these days. Yes, if you're bleeding out we don't ask for it up front but as soon as your blood pressure normalizes we're poking around to figure out just who you are.
So it's possible that that full on medical records might be of value, but it's going to be much harder to monetize than a credit card number and likely would be of limited use. That doesn't mean that the information shouldn't be sealed up, of course. I'm just not sure how big a deal this is. And, in the case of the Community breach, they apparently did not get that information anyway.
Faster! Faster! Faster would be better!
and how many times have people, especially women have gone to the doctor and been ignored or told their symptoms were nothing? when the doctor should have done a test or procedure based on the patient's complaint? or in my wife's case a lower doctor wanted to do a c-section without doing the right tests first and her doctor who was the chief of obgyn at the hospital said no and after they did the tests it was found a c-section was not required
even then it's hard to sue for malpractice. the lawyers who do this have nurses on staff who review the charts and only a small percentage end up in a lawsuit.
Sorry, our DNA is copyrighted and adding it to our records would be an infringement on the copyright.
Moving to the UK's system means no insurance company, and your employer et al do not have access to your medical records. In-fact, most doctors do not have access to your medical records - they are only now bringing in a system where your medical records are shared on an on-demand basis with other hospitals and surgeries. Walk into an A&E department and they won't have your medical records.
This isn't being collected for individuals. That's to much work. It will be used for bulk insurance fraud. A portfolio of bogus patients to be mixed into a doctors insurance billing.
I'm amazed at how skillfully the finance and corporate community has ingrained "identity theft" into consumer's minds. (And yes, I'm using "consumer" instead of "citizen" on purpose.)
If someone uses a fake credit card to buy items from a store, they have defrauded the store and the credit card company. It should be irrelevant whether the name on that card is fake, or belongs to some other uninvolved third party.
And yet, the industry has managed to redirect the mindset and conversation to shift much of the blame onto that uninvolved third party, making them feel like they are the ones violated by this process, and leaving them with the mess to clean up while those defrauded only write off their losses after the third party goes through hoops to "prove" their own innocence. Meanwhile, there's rarely effort to go after the actual criminal at all.
I understand the reasons why there is a credit market, but I reject the notion that what was once called fraud, perpetrated against a business that is responsible for their losses, is now theft against an unrelated third party that is guilty until proven innocent by the corporate megaliths that run the financial world.
It doesn't hurt to be nice.
I agree that it is fraud and that it's ridiculous that the result of Identity theft is up to the affected person to prove/clean up. I don't think that the name "Identity theft" puts the blame on the victim, though, any more than "car theft" puts the blame on the owner of the stolen car. (Before someone complains "identity theft isn't theft because you still have your identity", imagine if someone kept "borrowing" your car while you slept but returned it every morning with more scratches and dings. You'd still have use of it when you wanted it, but the value of the car would drop quickly and it would be up to you to pay the repair costs. This is what identity thieves do to your credit.)
Sadly, as was my experience during my identity theft, the companies just don't care. The credit card companies see the fraud as something to write off as a cost of doing business and then they move on. Capital One actively blocked both me and the police from investigating. They told me "we can't give you the address on the card with your name on it because if you go and kill the person, we'd be liable." They would just ignore when the police called. (Calls routed to a voicemail box that was never answered.) The credit agencies are even worse. They see your credit file as a profit engine. New lines of credit on your credit file help drive their profits. Anything that blocks this is bad for business. So protecting against identity theft is bad for business. As far as the fraud goes? Well, that's the little people's concern, not theirs. (I was lucky that I caught it when I did or I'd have been fixing the problem for a long, long time.)
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
More than 7 million people now have insurance because of Obamacare.
That's 7 million more people than would be insured under the Republic plan of "Fuck you. Walk it off."
Too bad we couldn't fix it the right way. But that would be eeeeevil soshialisums even more than the not-actually-socialism socialism that Obamacare put into place.
The poor should just die in the streets of preventable illnesses, right?
Obamacare is hardly a socialist program. In fact, calling Obama socialist or liberal is a stretch.
Obama, one of the better republican presidents we have had.
Hopefully we get a real liberal next time instead of a poser.
Donald Trump, on a crusade to make Nixon look respectable
And this has been true throughout our history.
In the 1930's the right cried 'socialism' to the building of the Grand Coulee dam. It was supposed to boost farming in the middle of Washington State. It was way more electricity and water than would be needed (and we really didn't need that much extra food production at the time).
A few years later WWII happened, and it went from 'socialist' to 'forward thinking' when it allowed the mass production of aluminum for the war effort. (oddly the biggest socialist program in the country, the freeway system, met little opposition as it meant pork for every state, so like you said, they liked it, so it wasn't socialism)
Fortunately for us living here, it currently means very inexpensive electricity (8.8 cents per kwh per my last bill).
Donald Trump, on a crusade to make Nixon look respectable