Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Why Chinese Hackers Would Want US Hospital Patient Data

timothy posted about 2 months ago | from the makes-great-gift-wrapping-too dept.

China 171

itwbennett (1594911) writes In a follow-up to yesterday's story about the Chinese hackers who stole hospital data of 4.5 million patients, IDG News Service's Martyn Williams set out to learn why the data, which didn't include credit card information, was so valuable. The answer is depressingly simple: people without health insurance can potentially get treatment by using medical data of one of the hacking victims. John Halamka, chief information officer of the Beth Israel Deaconess Medical Center and chairman of the New England Healthcare Exchange Network, said a medical record can be worth between $50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password. "If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details," he said.

Sorry! There are no comments related to the filter you selected.

Biometric security (0)

Anonymous Coward | about 2 months ago | (#47702969)

Time to add DNA information to our medical records!

Re:Biometric security (0)

Anonymous Coward | about 2 months ago | (#47703065)

DNA does not provide biometric security.
It is a biometric disaster if added to security measures.
What does it mean when DNA profiling becomes cheap enough to be used for security profiling by companies? It means DNA profiling is cheap enough for government sponsored crackers to use also. It is also cheap enough for non-government sponsored crackers to use also. It means that the script-kiddies will have your DNA profile, too.

Uninsured? (2, Funny)

Anonymous Coward | about 2 months ago | (#47703483)

No one is uninsured now. Obamacare magically fixed that on January first, 2014. This article must be all FUD and spin.

Re:Uninsured? (5, Insightful)

Ralph Wiggam (22354) | about 2 months ago | (#47704839)

More than 7 million people now have insurance because of Obamacare.

That's 7 million more people than would be insured under the Republic plan of "Fuck you. Walk it off."

Re:Uninsured? (0)

Spritzer (950539) | about 2 months ago | (#47705031)

More than 7 million people now have insurance paid for by taxpayers and rising insurance costs to all because of Socialism.

There. I fixed that for you.

Re:Biometric security - Copyrighted (3, Funny)

cgfsd (1238866) | about 2 months ago | (#47703323)

Sorry, our DNA is copyrighted and adding it to our records would be an infringement on the copyright.

Re:Biometric security (2)

ShanghaiBill (739463) | about 2 months ago | (#47704597)

Time to add DNA information to our medical records!

That is not necessary. All they need to do is ask for a government issued photo ID card, and make sure the name on the card matches the name on the insurance form. My experience is that about 100% of doctors and hospitals already do that. TFA claims that just knowing an SSN and DOB is enough, and that is not true.

Re:Biometric security (1)

GrumpySteen (1250194) | about 2 months ago | (#47705165)

Because nobody could possibly figure out how to make a fake photo ID [wikihow.com] ?

Time for medicare for all in the usa (3, Insightful)

Joe_Dragon (2206452) | about 2 months ago | (#47703019)

Time for medicare for all in the usa also the million-dollar heart transplant is loaded with markup where you can likely go out side of the usa and pay way less for it.

also due to court rulings in favor of inmate care you can just go to prison / jail to get one as well.

http://www.cbsnews.com/news/pr... [cbsnews.com]

Parasites in Congress (1)

Anonymous Coward | about 2 months ago | (#47703147)

The parasites in congress are the problem, not the answer. They're feeding their friends, the lawyers. Let's be honest; It's a lot better for me to order tests than to evaluate a person. The insurance company doesn't pay me to do the latter, and the lawyers are waiting for me to do the former. The more tests I do, the harder a case they have to demonstrate, and the lower my insurance, so higher my profit. It's really simple. Keep electing your lizards instead of their lizards, and healthcare will continue to be defensive.

Re:Parasites in Congress (3, Informative)

alen (225700) | about 2 months ago | (#47703185)

and how many times have people, especially women have gone to the doctor and been ignored or told their symptoms were nothing? when the doctor should have done a test or procedure based on the patient's complaint? or in my wife's case a lower doctor wanted to do a c-section without doing the right tests first and her doctor who was the chief of obgyn at the hospital said no and after they did the tests it was found a c-section was not required

even then it's hard to sue for malpractice. the lawyers who do this have nurses on staff who review the charts and only a small percentage end up in a lawsuit.

Re:Parasites in Congress (1)

Anonymous Coward | about 2 months ago | (#47703385)

Is there a way to ignore posts from phones?

Seriously dude, even on an on-screen keyboard, the shift and punctuation keys are available to you.

Re:Parasites in Congress (-1)

Anonymous Coward | about 2 months ago | (#47703659)

'phones - abbreviation
"Seriously, dude" - vocative

More pressingly, is there a way to ignore posts from people who don't know how to write simple Javascript? In the time it took me to make this post, I would have written a solution to your problem had I not already decided that you're an insufferable ass.

Re:Time for medicare for all in the usa (1, Insightful)

Anonymous Coward | about 2 months ago | (#47703173)

Ok, so you're going to pay for it, right? Why don't all you people who think this way just ante up and maybe the rest of us won't have to suffer for it? Why do you need to wait for the government to wrestle those greenbacks from your wallet and act like you're powerless to do it today? Put your money where your mouth is or shut up.
 
Personally, I'm sick of fighting tooth and nail to keep my wages in this job market and all the while paying for record high numbers of people on welfare of one form or another, paying other countries to play nice with one another and policing those that won't while the two-party scam tries to convince us that the economy is doing great with numbers that any idiot could see are skewed.

Re:Time for medicare for all in the usa (0)

Pliny (12671) | about 2 months ago | (#47704219)

Perhaps you're too busy just holding on to what you've got to realize that, statistically speaking you'll be joining those unemployed people on welfare sooner rather than later.

Re:Time for medicare for all in the usa (2)

DigiShaman (671371) | about 2 months ago | (#47703301)

Hah! And when the US economy collapse because of it, we will drag China down with us. What comes around goes around.

Re:Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47704033)

You can only say "US economy collapse" so many times before the phrase starts robbing you of credibility.

Re:Time for medicare for all in the usa (1)

DigiShaman (671371) | about 2 months ago | (#47704803)

You must be oblivious to the amount of debt and inflation around you. That, and el presidente is about to enable millions of illegal immigrants the ability to work on the cheap and vote themselves "free" shit. Oh, and that throws the entire black community under the bus whom are already competing for jobs of the same ability. Meanwhile, they send over a net 20+ billion in wealth (per year) from the US compounding the hemorrhaging effect on the economy.

What can't go on forever won't go on forever.

Re:Time for medicare for all in the usa (5, Informative)

Charliemopps (1157495) | about 2 months ago | (#47703313)

Yes, because the single payer systems in Europe of trouble free right?

I'm not saying we don't have an issue, but your 1 step solution is a joke. The same corruption, greed and poor administration that afflicts us now would continue in the new system. It would just include all the problems of government waste and politics as well.

The problem in the US is states have enacted their own laws governing what treatment is required by law. So states that are pro-patient rights oppose allowing patients being able to seek insurance outside of the state as that would be an end run around their laws. As a result, patients cannot for any meaningful patients rights groups of a large enough size to make a difference in the healthcare market. There aren't enough doctors because younger doctors can make more money doing plastic surgery and other cosmetic specialty work, and the older doctors get pair so much they only feel the need to work 2 days a week. Tuition to medical schools in this country is borderline insane.

This is a very complex issue and throwing black and white solutions at it while calling your opponents stupid will get your no-where.

Re:Time for medicare for all in the usa (1)

Anonymous Coward | about 2 months ago | (#47703715)

in the new system. It would just include all the problems of government waste and politics as well.
 
We already have that. We're hip deep in it. And every time someone like the OP comes along and sees it all they see is the company at the front and not the governments roll. They scream for more government involvement and the government happily tightens the screws and takes more and more. A fantastic system.

Re:Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47703777)

Yes, because the single payer systems in Europe of trouble free right?

I'm not saying we don't have an issue, but your 1 step solution is a joke. The same corruption, greed and poor administration that afflicts us now would continue in the new system. It would just include all the problems of government waste and politics as well.

The problem in the US is states have enacted their own laws governing what treatment is required by law. So states that are pro-patient rights oppose allowing patients being able to seek insurance outside of the state as that would be an end run around their laws. As a result, patients cannot for any meaningful patients rights groups of a large enough size to make a difference in the healthcare market. There aren't enough doctors because younger doctors can make more money doing plastic surgery and other cosmetic specialty work, and the older doctors get pair so much they only feel the need to work 2 days a week. Tuition to medical schools in this country is borderline insane.

This is a very complex issue and throwing black and white solutions at it while calling your opponents stupid will get your no-where.

It gets you elected.

Re:Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47703843)

Who said anything about singe payer systems?

This is whats wrong with the health care issue. Whenever people talk about it, people like you simply point at Europe and scream about how flawed it is in its own way, therefore we should stick with the American flawed way and do nothing.

Re:Time for medicare for all in the usa (3, Interesting)

jklovanc (1603149) | about 2 months ago | (#47704211)

Take a look at this comparison [wikipedia.org] . Even though the US government pays much more per capita than Canada it does not cover everybody it while Canada does. Here is a possible reason;

A 1999 report found that after exclusions, administration accounted for 31.0% of health care expenditures in the United States, as compared with 16.7% of health care expenditures in Canada.

Single payer systems make administration much simpler.

Re:Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47704321)

As an auditor of federal healthcare systems, I can tell you that that lower administrative cost is deceiving. It's just moved elsewhere, not reduced.

Re:Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47704329)

Not necessarily. Administration is a very nebulous term, and your data is incomplete. Is this 31% of expenditures covered by medicare? Medicaid? Private insurance? A combination of two or more?

The US government is also far more wasteful when it comes to "administration" than Canada. What makes you think those numbers wouldn't be similar under single payer? Who's to say that it won't even balloon, given that we need a larger bureaucracy to cope with more citizens.

Re:Time for medicare for all in the usa (1)

Anonymous Coward | about 2 months ago | (#47704397)

Let me throw some ideas out, not necessarily all my own.

Drug patent reform...
7 year cap on patents
Elimination of being able to repatent on "minor" improvements.
Requirement that the drug company must make an effort to provide a generic version, whether they do it themselves or have a 3rd party do it on their behalf (without royalties). (More requirements to prevent price fixing would be needed.)

For any drug plan, it shouldn't necessarily be free. Even for those on Medicaid. There needs to be an incentive to find the cheapest pharmacy. Competition among pharmacies would be good, right? So, if the patient had to pay like 10% (or $4, whichever is more) of the cost, it still might be reasonable. However, I'd have a cap of never needing to pay more than X per month for those below poverty level and Y per month for those above the poverty level.

Seriously, I'm on Medicaid (Apple Health or whatever it's called in my state) because of my income level, and I get prescriptions for free. But I'd probably be okay paying 10% of the value. I have choice of two pharmacies. Fred Meyer, which can do Costco match, and the pharmacy where I go. I choose Fred Meyer because of convenience though, given where I live. That way, when I arrive home, it's ready. But I imagine it could cost them more if I chose a pharmacy that's part of a clinic. Not sure though.

As for regular college, I feel the first two years (based on state average) should be tuition-free (with 2.0+ GPA on 4.0 scale). I'd also in favor of increasing the Direct Loans borrowing limits, especially for subsidized loans, and capping interest at 1% over inflation. Ideally it'd be at inflation, so what we borrow is what we pay back. But 1% is fine. So, if inflation is 3.5%, it'd be 4.5%. None of this 6.8% stuff that's going on now.

I don't know if tuition rates in medical schools are fair. However, how about a government loan option so students (who graduate) can opt to pay 5% of their income (2 year grace period after graduating) for the next 35 years?
This income would be federal AGI minus poverty level, with nothing else factored in. I'd call it the PAGI. So, a family of six might have a poverty level of $30k, but if the federal AGI is $70k/year, that's 5% off $40k.

Where did you go to school? (1)

Zontar_Thing_From_Ve (949321) | about 2 months ago | (#47704601)

I'm serious. Where did you go to school? Because I want to make sure that absolutely nobody I know goes there. Wow. If your plan was to take the daily prize for grammatical errors, missing words, lack of sense, and so on, well, congratulations as we have a winner.

You're (you might notice that I spelled that correctly) the only person I know of to ever mention individual state laws as a health care problem. A law can simply be passed making health care a federal matter to deal with that. And tuition to medical schools has always been high. This is not a recent occurrence. Outside of Los Angeles there just aren't all that many plastic surgery doctors so that's not really a problem either. However, this a shortage of general practitioners among younger doctors and that is because it doesn't pay as well as specialty medicine does, but doctors are going into all the specialist fields. There's no explosion of cosmetic doctors. And the system can only support so many specialists. Every medical school candidate simply can't go into the same specialty because there aren't enough training opportunities.

Re:Time for medicare for all in the usa (3, Insightful)

Anonymous Coward | about 2 months ago | (#47704661)

Yes, because the single payer systems in Europe of trouble free right?

I'm not saying we don't have an issue, but your 1 step solution is a joke. The same corruption, greed and poor administration that afflicts us now would continue in the new system. It would just include all the problems of government waste and politics as well.

"Government waste"? Every other health care system in the world has lower costs that the US as a percentage of GDP and per capita:

http://www.theguardian.com/news/datablog/2012/jun/30/healthcare-spending-world-country

You would reduce waste by going with single-payer.

And these costs don't even get the US the highest life expectancy or lowest child mortality rates.

I'm sure there are good arguments against single payer, but worries about waste are not one of them.

Re:Time for medicare for all in the usa (4, Insightful)

radarskiy (2874255) | about 2 months ago | (#47704767)

"Yes, because the single payer systems in Europe of trouble free right?"
1) Where did the OP claim that it was trouble free?
2) Why does it have to be trouble free before it can be useful?

Re:Time for medicare for all in the usa (1)

Peter Simpson (112887) | about 2 months ago | (#47703403)

the million-dollar heart transplant is loaded with markup where you can likely go out side of the usa and pay way less for it.

Yeah. With heart transplants, as with anything else, you get (more or less) what you pay for. Sure, that discount heart transplant you paid $30 for in Mumbai *might* be just fine...but I'd bet my life against it.

Re:Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47704683)

> I'd bet my life against it.

Let's assume you can get heart surgery for 100k. Your life is worth let's say 1M. Would you wager your life over 900k that your family might get if you die? Transplants in USA aren't perfect, you die all the same.

Re:Time for medicare for all in the usa (-1)

Richard_at_work (517087) | about 2 months ago | (#47703427)

I am so glad I live in a country where the most I will ever pay for non-elective medical care is the price of the prescription (currently £8.05). Heart attack with a week in intensive care? Won't cost me a penny. Broken my leg, need a cast and physiotherapy? Won't cost me a penny.

Re:Time for medicare for all in the usa (-1, Troll)

Anonymous Coward | about 2 months ago | (#47703511)

I am so glad I live in a country where the most I will ever pay for non-elective medical care is the price of the prescription (currently £8.05). Heart attack with a week in intensive care? Won't cost me a penny. Broken my leg, need a cast and physiotherapy? Won't cost me a penny.

Me too, and I live in the USA. My gold plated insurance plan (that any decent employer needs to pay for if they want to seek talent that will benefit them in any way) lets me sleep soundly at night. So who cares if people who don't want to work for a living won't get this kind of care? Keep your hands off of my class warfare! If poor people want healthcare, they should get a good job. Or, at least, join a labor union! The problem is that poor people are pretty notorious for their lack of planning. They need some incentive to get to work on time, so how is that my fault? Oh btw how is that whole unemployment thing going for you, Britface?

Re:Time for medicare for all in the usa (3, Insightful)

Richard_at_work (517087) | about 2 months ago | (#47703573)

What unemployment thing? We are a few tenths of a percentage point behind the US on unemployment, nothing major.

Re:Time for medicare for all in the usa (1)

Anonymous Coward | about 2 months ago | (#47704377)

What unemployment thing? We are a few tenths of a percentage point behind the US on unemployment, nothing major.

Haven't you heard? When a Democrat is in the Whitehouse unemployment soars according to Fox News. The unemployment rate is over 90% for those over 70 or under 15. 90% unemployment! What is happening to OUR America? Just 6 years ago those people weren't unemployed, they were retired or in school. I blame Obama for his eagerness for war in Afghanistan and Iraq and his cowardice from war in Ukraine. That is the only reasonable conclusion based on everything I've heard. If you heard what I heard, and only what I hear from Fox, my single source fair and balanced news source, you'd agree.

Re: Time for medicare for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47703697)

Can't tell if you're being a wise-ass or if that's what you truly think. You sound pretty much like every American I've ever talked to about the subject. Sad, really.

Re:Time for medicare for all in the usa (2, Insightful)

Anonymous Coward | about 2 months ago | (#47703735)

Please fact-check before throwing negative comments someones way.

US Unemploymnent : 6.3%
UK Unemploymnent : 6.4%

Re:Time for medicare for all in the usa (2)

ColdWetDog (752185) | about 2 months ago | (#47705283)

Please fact-check before throwing negative comments someones way.

US Unemploymnent : 6.3%
UK Unemploymnent : 6.4%

Imperial or US percentages?

Re:Time for medicare for all in the usa (3, Insightful)

jellomizer (103300) | about 2 months ago | (#47703639)

You don't pay taxes?

It isn't free, it is just that your money that you are paying is being placed in an other category.

Re:Time for medicare for all in the usa (3, Insightful)

Richard_at_work (517087) | about 2 months ago | (#47703789)

I never said it was free, but we all pay taxes while only some of us don't have to fork out ridiculous additional sums for medical cover.

For example, I will never be hit with a bill for medical treatments my insurance won't cover. There isn't a moment I have to worry about getting charged for my stay in hospital. I don't have to worry about whether my insurance will cover the drugs my doctor has prescribed me, the most I will pay is £8.05, even if the drug costs £10,000 a course.

Re:Time for medicare for all in the usa (1)

Anonymous Coward | about 2 months ago | (#47703931)

I never said it was free,

Liar. Well, unless you really don't pay taxes (which may well be true, dunno):

I am so glad I live in a country where the most I will ever pay for non-elective medical care is the price of the prescription (currently £8.05). Heart attack with a week in intensive care? Won't cost me a penny. Broken my leg, need a cast and physiotherapy? Won't cost me a penny.

Re:Time for medicare for all in the usa (3, Insightful)

the eric conspiracy (20178) | about 2 months ago | (#47703725)

Don't be daft. You are paying for your medical care in your tax bill and in all the other goods and services you buy that have taxes embedded in their prices.

There is no free lunch (2nd law of thermodynamics).

Re:Time for medicare for all in the usa (2)

Megol (3135005) | about 2 months ago | (#47704147)

Yes that is true. What's also true is that most people doesn't need the most expensive type of treatment which makes the total less than a medical insurance in the US. The difference is that those that can't afford paying for an insurance still can get the necessary care. And if one want to and can afford it - go for it and get an insurance too and get that unnecessary CT scan or MRI whenever you feel like!

Re:Time for medicare for all in the usa (1)

the eric conspiracy (20178) | about 2 months ago | (#47704199)

The PPACA has pretty much eliminated the issue of not being able to pay for medical care in the US, at least in the 27 states that have expanded medicaid.

Re:Time for Universal Donors for all in the usa (0)

Anonymous Coward | about 2 months ago | (#47703793)

Where have seen a million-dollar heart transplant bill? Prove it!

The reason people can't get heart transplants is a lack of available heart organ donors. Under US law, organ donation has an "opt in" rule, one must sign a document (e.g. the driver's license) to be a donor. Compare this to junk mail or SPAM which is an "opt out" rule.

Spain changed its laws (in the last decade?) to an "opt out" organ donation rule. This increased organ donation significantly. Other organs are more readily used, since kidney, skin grafts, & even corneas are in better condition at death.

uh-huh (5, Insightful)

Anonymous Coward | about 2 months ago | (#47703037)

Are there documented cases where the uninsured poor have bought blackmarket medical records to get healthcare? This seem preposterous.

uh-huh (0)

Anonymous Coward | about 2 months ago | (#47703101)

whenever some company starts offering low-price transplants to the uninsured poor, you'll have your answer.

Re:uh-huh (1)

geekmux (1040042) | about 2 months ago | (#47703177)

whenever some company starts offering low-price transplants to the uninsured poor, you'll have your answer.

Ironically, a $150,000 heart surgery is low price compared to the million dollars your insurance company will be billed.

You might also have a hard time pointing the finger at the real crooks here.

Re:uh-huh (5, Informative)

Anonymous Coward | about 2 months ago | (#47703231)

Um, No. In a Government funded Health system Such as in NZ, well below your predicted 1mil.

Quote; You might also have a hard time pointing the finger at the real crooks here.

not really, the crooks are your govt selling your health care to the highest bidder.

cardiac bypass (heart surgery): $37,000-$45,000
valve replacement (heart surgery): $43,000-$53,000
angiogram (diagnostic test): $3600-$4400
angioplasty with 2 stents (heart surgery): $17,000-$20,000
total hysterectomy (surgery): $10,000-$13,000
laparoscopic excision of endometriosis (surgery): $4900-$6000
prostate removal (cancer surgery): $10,000-$12,000
prostate brachytherapy (cancer surgery): $21,000-$25,000
excision of cancerous skin lesion: $1000-$1500
colonoscopy (diagnostic test): $1500-$1800
radical mastectomy (breast cancer surgery): $8300-$10,000
radiation therapy (one course of treatment): $15,000-$27,000
gastroscopy (diagnostic test): $1100-$1300
laparoscopic cholecystectomy (gall bladder surgery): $6800-$8400
total hip replacement (surgery): $18,000-$22,000
total knee replacement (surgery): $19,000-$23,000
cataract removal (eye surgery): $3500-$4000
thyroidectomy (surgery): $8300-$10,200
endoscopic sinus surgery: $6500-$7900
wisdom teeth removal: $1900-$2400
varicose veins (both legs): $6300-$7800
hernia repair: $5400-$6600
knee arthroscopy: $4000-$5000
biopsy: $1000-$1500
MRI scan: $1000-$1200
CT scan: $600-$800
ultrasound: $150-$200.

Link, http://www.everybody.co.nz/page-56d7ef0e-9e87-46ad-9ab9-843e76f8301e.aspx

Re:uh-huh (1)

dugancent (2616577) | about 2 months ago | (#47703309)

What the insurance gets billed and what they pay is rarely close. If they get billed $1,000,000 for a transplant, they might pay $250,000.

Re: uh-huh (2)

jd2112 (1535857) | about 2 months ago | (#47703841)

Point your finger in any direction. There are enough crooks in the healthcare industry that you will probably be ponting at one of them.

Re:uh-huh (4, Interesting)

Anonymous Coward | about 2 months ago | (#47703345)

This seem preposterous.

As a person in the medical billing field, I've regularly seen faked insurance cards, but they're easy to weed out thanks to electronic eligibility verification. Given that people will walk right up to the counter with their "Homana" insurance card printed on cheap paper, I can absolutely believe that we've treated people who claim to be Jane Doe, have an insurance card with Jane Doe's name, group and policy # on it, and know Jane Doe's DOB (sufficient information to pass eligibility verification). The only way the insurance company would figure it out is if the real Jane Doe was being seen by a doctor somewhere else that day, or if Jane Doe actually read any of the paperwork she gets past the line "This is not a bill".

Re:uh-huh (0)

Anonymous Coward | about 2 months ago | (#47703797)

There's big business and big businesses in preventing the type of fraud discussed in the article.

http://www.lexisnexis.com/risk/health-care/health-care-fraud.aspx

Less likely government (1)

Krojack (575051) | about 2 months ago | (#47703063)

and more likely some hacker group wanting to sell SS# and CC# on the black market.

That's my opinion.

Re:Less likely government (1)

Jason Levine (196982) | about 2 months ago | (#47703375)

I'd agree with you. Using a person's name, address, social security number, and date of birth (all items included in the hacking), you can steal someone's identity and open lines of credit in their name. Then you run up a big tab, buying electronics and the like, and let the person whose identity you stole deal with the bill. This happened to me awhile back, except I was lucky that the thieves paid for rush delivery of the credit card before changing the address from mine to theirs. The card arrived at my house and I was able to cancel it before any real damage was done. (My credit file is now frozen so nobody - not even me - can open new lines of credit unless I thaw it first.)

Re:Less likely government (5, Interesting)

SydShamino (547793) | about 2 months ago | (#47703495)

I'm amazed at how skillfully the finance and corporate community has ingrained "identity theft" into consumer's minds. (And yes, I'm using "consumer" instead of "citizen" on purpose.)

If someone uses a fake credit card to buy items from a store, they have defrauded the store and the credit card company. It should be irrelevant whether the name on that card is fake, or belongs to some other uninvolved third party.

And yet, the industry has managed to redirect the mindset and conversation to shift much of the blame onto that uninvolved third party, making them feel like they are the ones violated by this process, and leaving them with the mess to clean up while those defrauded only write off their losses after the third party goes through hoops to "prove" their own innocence. Meanwhile, there's rarely effort to go after the actual criminal at all.

I understand the reasons why there is a credit market, but I reject the notion that what was once called fraud, perpetrated against a business that is responsible for their losses, is now theft against an unrelated third party that is guilty until proven innocent by the corporate megaliths that run the financial world.

Re:Less likely government (3, Interesting)

Jason Levine (196982) | about 2 months ago | (#47704805)

I agree that it is fraud and that it's ridiculous that the result of Identity theft is up to the affected person to prove/clean up. I don't think that the name "Identity theft" puts the blame on the victim, though, any more than "car theft" puts the blame on the owner of the stolen car. (Before someone complains "identity theft isn't theft because you still have your identity", imagine if someone kept "borrowing" your car while you slept but returned it every morning with more scratches and dings. You'd still have use of it when you wanted it, but the value of the car would drop quickly and it would be up to you to pay the repair costs. This is what identity thieves do to your credit.)

Sadly, as was my experience during my identity theft, the companies just don't care. The credit card companies see the fraud as something to write off as a cost of doing business and then they move on. Capital One actively blocked both me and the police from investigating. They told me "we can't give you the address on the card with your name on it because if you go and kill the person, we'd be liable." They would just ignore when the police called. (Calls routed to a voicemail box that was never answered.) The credit agencies are even worse. They see your credit file as a profit engine. New lines of credit on your credit file help drive their profits. Anything that blocks this is bad for business. So protecting against identity theft is bad for business. As far as the fraud goes? Well, that's the little people's concern, not theirs. (I was lucky that I caught it when I did or I'd have been fixing the problem for a long, long time.)

Re:Less likely government (1)

radarskiy (2874255) | about 2 months ago | (#47704743)

1) That is a hypothesis, not an opinion
2) The summary states "...the data, which didn't include credit card information...", which contradicts half of your hypothesis.

nonsense (0)

Anonymous Coward | about 2 months ago | (#47703087)

"a person could use the stolen data to convince a hospital they are insured and receive treatment, Halamka said."

until the hospital asks money from insurance company.

RTFA (0)

Anonymous Coward | about 2 months ago | (#47703089)

You used an example of a data breach where no medical information was stolen to explain why hackers would want medical information. RTFA before you link to it in a new article.

I'm not so sure.... (5, Insightful)

ColdWetDog (752185) | about 2 months ago | (#47703103)

The thesis is that you can waltz into a doctor's office AND a hospital with faked records and get the treatment needed. Basically the important bit is the insurance info - what has happened to "you" is less important than what you want to eventually happen to you (in the example given, a heart transplant).

I kinda doubt this, at least in a general sense. First off, you can show all the insurance cards and 'insurance info' to the medical provider all you want. The provider is going to query the insurance company before doing anything expensive. Fine, you say, call them all you want, the 'patient' is insured (it's just not the right patient). Now comes the hard part. The minute that the insurance company starts getting claims from both Peoria and Trenton, NJ flags are going to go up. Other old records would be sought (for something big like a transplant or joint replacement) which would likely not match.

Anything remotely resembling a heart transplant is going to fall apart unless both the real and fake patient have nearly identical physiques, ages and problems. More routine issues could go undetected for a while but persistent discrepancies would show up and as soon as the insurance company flagged the claim as problematic, big ticket items would be placed on hold until things go cleared up. When I worked in an early Medicaid HMO in the 1980's we had some problems with folks 'sharing' the Medicaid ID card (no picture, just a printout basically). It was pretty obvious when the patient's weight varied 30 pounds every other week. We soon insisted on photo ID.

And, in fact, the feds also insist on photo ID these days. Yes, if you're bleeding out we don't ask for it up front but as soon as your blood pressure normalizes we're poking around to figure out just who you are.

So it's possible that that full on medical records might be of value, but it's going to be much harder to monetize than a credit card number and likely would be of limited use. That doesn't mean that the information shouldn't be sealed up, of course. I'm just not sure how big a deal this is. And, in the case of the Community breach, they apparently did not get that information anyway.

Re:I'm not so sure.... (1)

jbmartin6 (1232050) | about 2 months ago | (#47703261)

Yes, the summary's idea that one could get a heart transplant with faked records is baloney. But there are a lot of simpler health care interactions which are easier to get with faked records, such as basic prescriptions. And it's not much harder to monetize, you do it the same way you do credit cards. Those marketplaces are well established for both CC info and health info, in many cases they are the same place.

Re:I'm not so sure.... (1)

danlip (737336) | about 2 months ago | (#47703649)

You may be right with prescriptions. And the people using the fake medical identity would not be getting the prescriptions for themselves but for resale on the black market, and would probably be a career criminal. If they are local (relative to the real person) and they go to the same pharmacy (which would already have the account info in their computer) maybe they wouldn't be asked for ID or flagged as fraudulent. Although it's still a little hard to believe, because the drugs that are valuable on the black market are narcotics and I am pretty sure they ask for ID every time for those.

Re:I'm not so sure.... (1)

tlhIngan (30335) | about 2 months ago | (#47703683)

Yes, the summary's idea that one could get a heart transplant with faked records is baloney. But there are a lot of simpler health care interactions which are easier to get with faked records, such as basic prescriptions. And it's not much harder to monetize, you do it the same way you do credit cards. Those marketplaces are well established for both CC info and health info, in many cases they are the same place.

It only works for so long - insurance has dealt with this fraud for ages now too - they get curious as to why you're taking two conflicting drugs, or why your prescription has suddenly doubled instead of getting a double-strength version, etc.

Yeah, you're not likely to get caught if you're just charging one bottle of antibiotics to it, but at $50, you'd be repeatedly using it and insurance would start making inquiries.

Doubly so if some drugs suddenly show up without a corresponding medical record - e.g., heart medication even though your doctor hasn't found a heart condition or explicitly mentioned treatment. (And really, the only reason would be to charge expensive drugs to it that often have corresponding medical conditions).

As for insurance companies buying the data up for data collection purposes - they really don't have to. First, it's not exactly legal, and second, they have far more legal ways to get all that information and more and can be had far easier too.

Re:I'm not so sure.... (1)

camperdave (969942) | about 2 months ago | (#47704629)

Yes, the summary's idea that one could get a heart transplant with faked records is baloney.

I couldn't make sense of the summary, at first. If my medical condition is bad enough that a transplant is needed, then why should I need someone else's medical records? My own would do.

On the other hand, I suppose someone's glaucoma could get me medicinal marijuana...

Re:I'm not so sure.... (1)

grasshoppa (657393) | about 2 months ago | (#47703265)

You're right about he insurance, but I can't help but wonder if the reasons the data is valuable are far more mundane: in order to target specific product and services for sale. If you know a patient has a specific condition, you can target them with ads for specific therapies.

Re:I'm not so sure.... (1)

ColdWetDog (752185) | about 2 months ago | (#47703531)

The manufacturers can already get that info, as well as pharmaceutical manufacturers. No need to be all covert about it. They made sure of that when they wrote HIPAA.

Re:I'm not so sure.... (0)

Anonymous Coward | about 2 months ago | (#47703271)

For major surgery or hospital stays this probably wouldn't work as you described above. (I agree with you)

However, for general day to day and occasional sick visits this would probably work fairly easily and certainly could work if a person were a little bit calculated in it. Most Dr. offices only take a photo of your license and insurance card and do the billing days/weeks later. Assuming your ID and cards are fake, there is hardly any way for them to track you down later. Rotate Dr. offices and it will be a while before they catch up to you. If you can get this for around $50 then even if it works one time it is "worth" it to the person without insurance. With 4.5 million records, most people could find a match to their name and with kid dependents they usually don't have a way to show ID so the dependent names of your kids wouldn't really matter or have to match...

This might end up being a bit trickery to fight from a fraud perspective than most people think...

Re:I'm not so sure.... (0)

Anonymous Coward | about 2 months ago | (#47703293)

Wait, so a photo ID is required to receive medical treatment in the US?

Re:I'm not so sure.... (0)

Anonymous Coward | about 2 months ago | (#47703479)

No.

Re:I'm not so sure.... (1)

ColdWetDog (752185) | about 2 months ago | (#47703547)

Yep. Look up "Red Flags rule".

Re:I'm not so sure.... (4, Informative)

Technician (215283) | about 2 months ago | (#47703331)

Some hospitals are taking photos of patients with higher cost proceedures as early as 6 years ago. My photo is in my medical records. A stolen ID would be spotted by any staff reviewing my medical history.

Re:I'm not so sure.... (5, Interesting)

Jason Levine (196982) | about 2 months ago | (#47703409)

Maybe, but maybe not. I know someone whose identity was stolen and used by a criminal who was arrested. Despite the fact that the guy looks NOTHING like the criminal in question (different height, weight, skin color, etc), he found himself fired from his job for having a criminal record and harassed by police officers who just assumed he was the criminal. It took him years to get anyone to even listen to him and even then it took years to fix the problem as one fixed system would get "re-infected" as the bad data flowed back in from other systems.

Re:I'm not so sure.... (1)

the eric conspiracy (20178) | about 2 months ago | (#47703691)

All the medical service providers I use now require I show photo ID which they then scan.

This theft has no particular utility when it comes to stealing medical services.

Re:I'm not so sure.... (1)

Registered Coward v2 (447531) | about 2 months ago | (#47703991)

All the medical service providers I use now require I show photo ID which they then scan.

This theft has no particular utility when it comes to stealing medical services.

Unfortunately an aceptable ID such as a drivers license is easy to fake, especially since the admittance clerk is just looking for something to scan and not a cop trained to spot fakes.

Re:I'm not so sure.... (1)

sociocapitalist (2471722) | about 2 months ago | (#47704005)

Some hospitals are taking photos of patients with higher cost proceedures as early as 6 years ago. My photo is in my medical records. A stolen ID would be spotted by any staff reviewing my medical history.

Presumably not if the imposter went somewhere in the country where you've never been.

sounds more like (0, Troll)

Anonymous Coward | about 2 months ago | (#47703129)

This article sounds more like a lame attempt to justify obamacare than anything else. "See, we should have universal care because hackers!"

Exaggeration much ...? (1)

ilparatzo (3627897) | about 2 months ago | (#47703137)

If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details

Something tells me it would be a little trickier than that given all that is involved in that million-dollar heart transplant. Not to mention all the local news coverage, the calls to the insurance company prior to surgery given the high cost of the surgery, getting on the waiting list, etc, etc. Not to say that it's not possible that people buy the records for getting medical care, but maybe that example isn't the best in the world.

In reality, I imagine it's the SSN coupled with a wealth of information about that person that is really what is so valuable. That can be used for any number of things other than medical care specifically. It's only naturally to link the source of the data to the ultimate purpose, but in this case I don't think they are so closely intertwined. It's simply valuable data held in a hospital network.

bass akwards (2)

Iamthecheese (1264298) | about 2 months ago | (#47703149)

Medical records are insecure... so it's time to migrate to a system like the UK where they contain comprehensive information about each person? Am I actually reading this?

Until patient confidentiality is enshrined into laws with real teeth and my insurance company, employer, or local black market guru can't get their hands on them I think I'll pass.

Re:bass akwards (3, Informative)

Richard_at_work (517087) | about 2 months ago | (#47703453)

Moving to the UK's system means no insurance company, and your employer et al do not have access to your medical records. In-fact, most doctors do not have access to your medical records - they are only now bringing in a system where your medical records are shared on an on-demand basis with other hospitals and surgeries. Walk into an A&E department and they won't have your medical records.

Re:bass akwards (1)

sociocapitalist (2471722) | about 2 months ago | (#47704011)

Medical records are insecure... so it's time to migrate to a system like the UK where they contain comprehensive information about each person? Am I actually reading this?

Until patient confidentiality is enshrined into laws with real teeth and my insurance company, employer, or local black market guru can't get their hands on them I think I'll pass.

So instead your info is leaked one way or the other anyway and you have what, exactly, as a benefit that you would lose going to a single payer system?

It's not the heart transplant people that want it (1)

gurps_npc (621217) | about 2 months ago | (#47703203)

No, it's the people with diabetes, or cancer. You steel a record that is as close as possible to your own, and you use it. God help the real patient, who has to worry about doctors looking at the thieves' medical results.

Re:It's not the heart transplant people that want (1)

camperdave (969942) | about 2 months ago | (#47704709)

Getting a record that is close to your own would be of no benefit. If you need a heart transplant, you get the records of a patient that is worse off than you, so that you can gain a better position on the transplant waiting list.

Only proves (0)

Anonymous Coward | about 2 months ago | (#47703233)

Only proves health-care should be a universal right, then you wouldn't have any fraud with patient records...
duh...

there's also blackmail (1)

schlachter (862210) | about 2 months ago | (#47703311)

to all the important or otherwise image conscious people who have diseases and conditions they don't want made public.

Re:there's also blackmail (1)

Errol backfiring (1280012) | about 2 months ago | (#47703465)

Or companies who check these records for new employees: they will not be hired if they have suffered from any serious diseases.

Universal Healthcare via Chinese Hackers? (0)

TheBilgeRat (1629569) | about 2 months ago | (#47703435)

THANKS OBAMA

Re:Universal Healthcare via Chinese Hackers? (1)

the eric conspiracy (20178) | about 2 months ago | (#47703625)

How does this have anything to do with Obama? Or are you a bot or human acting as a proxy for a bot?

Re:Universal Healthcare via Chinese Hackers? (0)

Anonymous Coward | about 2 months ago | (#47703769)

Fox Tourettes

Re:Universal Healthcare via Chinese Hackers? (0)

Anonymous Coward | about 2 months ago | (#47704137)

Thanks to Obama, we all have to buy health insurance with private companies who don't have a strong incentive to protect our data. Obamacare is worse for privacy than both free market health care and Single Payer.

Insurance Fraud (0)

Anonymous Coward | about 2 months ago | (#47703451)

There is Insurance Fraud.

Bulls3#!t (3, Interesting)

TRRosen (720617) | about 2 months ago | (#47703457)

This isn't being collected for individuals. That's to much work. It will be used for bulk insurance fraud. A portfolio of bogus patients to be mixed into a doctors insurance billing.

Explanation of Benefits Statement (0)

Anonymous Coward | about 2 months ago | (#47703521)

This would show up on a monthly EOB statement.

Other reasons than fraud (1)

g01d4 (888748) | about 2 months ago | (#47704343)

I don't think the data is private primarily to prevent fraud. My first guess was medical tourism. Overseas drug prescriptions, &c. &c.

Not the obvious, obviously (1)

archmcd (1789532) | about 2 months ago | (#47704361)

So it's not for the name, address, date of birth, social security number etc. that can be used for any lucrative form of identity theft? That's a relief!

Really (1)

tsqr (808554) | about 2 months ago | (#47704539)

If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details.

It would be less painful to just kill yourself than to receive an organ transplant based on someone else's medical record and then wait for rejection to set in.

Nope, I seriously doubt that (1)

gelfling (6534) | about 2 months ago | (#47704917)

It's FAR more likely they use that information to bilk insurance companies directly.

Chinese intelligence (0)

Anonymous Coward | about 2 months ago | (#47705065)

These records may well have been stolen for the value of a selected few of the records. Chinese intelligence may not be interested in insurance fraud, but they certainly are interested in collecting intelligence on (some) American citizens. Think politicians, defense contractors, key employees of sensitive agencies (DOE/DOD/DOC/DOS/DARPA), etc. Medical information on such targets can be very valuable.

Danger! (0)

Anonymous Coward | about 2 months ago | (#47705119)

"People without health insurance can potentially get treatment"!. "Instead of just dying as they should!", they could add. This statement alone show how beautiful your society is. You let people die (no, the right word is kill them) because they don't have money. Well, you never know when this debt will be repaid, so, think about it...

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?