The Dark Side of Big Data in HC

Posted on September 4, 2013


No sooner had I written about the massive impact of healthcare IT—and potential pitfalls in managing essential yet private personal patient data—than a triad of bad news regarding data integrity hit my inbox.

First, the Adventist Health System had a security breach that led to more than 740,000 patient records being sold to private entities, as covered by National Nurses United’s website.

Second, Becker’s Hospital Review noted Sutter Health’s EHR system (by EPIC) had a total outage for a good part of last Monday, which meant all patient records were totally inaccessible during that time.

Third, as reported by Billian’s Health Data, Tampa General Hospital suffered a security breach of protected health information in the aftermath of a tax refund fraud scheme involving indicted employees of the hospital.

Now, these headlines do not mean healthcare systems are lax about their patient data troves.  Hospital systems are simply inexperienced in having to maintain uninterrupted access and security by any means necessary.  Requirements for health data are nascent, so it will take dozens more breaches, and probably some really nefarious activity with the leaked or stolen data to have legislation drafted (most likely at the state level) enforcing yet-to-be-determined rigorous standards.

This is the risk of evolving technology.  Every new frontier has to weather its wild, wild West days.  At least until The Law arrives.