Slashdot Mirror
Quest Diagnostics Says Personal Health Information of 34,000 Customers Hacked (cbsnews.com)
Quest Diagnostics has said in a statement that a hack of an internet application on its network has exposed the personal health information of nearly 34,000 people. "Quest Diagnostics has notified affected individuals via mail and established a dedicated toll-free number to call with questions regarding this incident," the company said. CBS News reports: The Madison, New Jersey-based company says âoean unauthorized third partyâ on Nov. 26 gained access to customer information including names, dates of birth, lab results and in some instances, telephone numbers. The stolen data did not include Social Security numbers, credit card accounts, insurance details or any other financial information. Quest said Monday it is working with a cybersecurity firm and law enforcement to investigate the breach, while taking steps to prevent similar incidents from recurring. If you think you're affected by this hack, you can call (888) 320-9970.
I'm pretty sure the medical doctors aren't the ones making IT decisions.
MD here. Worked in infosec before med school so I know a bit about both. Most healthcare facilities are run by MBAs not MDs. The suits make the IT decisions. MDs usually stay out of it as they acknowledge that they don't have the expertise.
Well, the company that leaks information should be the one paying for new identities for all of the victims.
Or, you know, on paper? I much prefer to walk into a doctor's office and see the patients' records on paper, in folders, on shelves.
Sadly, the doctors are being forced to make everything "digital". Even my dentist's office is changing over (and they hate it - even the xray images aren't as good as the old films - poorer resolution and they don't show enough of the root structure).
This is not progress.
Gee, what if patients could actually control their own information? Dream on, you silly fool.
I gotta stop thinking about solutions, eh?
Imagine that all of your personal medical information was stored where YOU wanted it to be. One implementation would involve a decryption key in a smartcard that you would use to give permission to a doctor or hospital when they need to access your information.
Never happen. Too much like giving the patients actual rights. You know, like that Bill of Rights thing. Possession is nine points of the law, and you don't have the lawyers to make it happen, eh?
All those "eh"s? I'm not Canadian. Just wishing.
Uh "decryption key"? in a "smartcard"?
You must be new here (to this planet), and have not yet been exposed to the general ignorance that humanity blindly provides. There's a reason banking PINs are only 4 numbers long, so while you're rambling on about advanced security solutions, the other 90% of humans around you drip drool from a blank stare trying to understand what the fuck you're saying.
Oh, and do they even bother teaching about the Bill of Rights anymore? With the violations going on, the government would be setting themselves up for retaliation if the masses were actually educated on how they should be protected. Possession my ass. Read your EULAs. You don't "own" anything anymore.
MD here too, ^what he said
Would add that most hospitals and healthcare facilities can only afford the B team, so they get what they pay for.
Even my dentist's office is changing over (and they hate it - even the xray images aren't as good as the old films - poorer resolution and they don't show enough of the root structure).
This is not progress.
Uh, I've been to several healthcare providers that use digital imaging and it is incredibly high resolution. I think what your dentist is complaining about is that in order to get the same or better resolution means they have to spend some money to upgrade their old technology and they're really complaining about the cost of coming up-to-date with technology.
We'll make great pets