I-Network is an ICT for development (ICT4D) organization that is mainly supported by the International Institute for Communication and Development (IICD).

Follow us on Twitter
HEALTH: Cyber Security for Health Management Information Systems (HMIS) PDF Print E-mail

By Margaret Sevume, I-Network.

As administrative technologies like Electronic Health Records and online Health Portals begin to become standard protocol in health centers, the access to data and information so strongly demanded for by medical personnel, patients, and employees is also fast becoming a new target for cyber criminals. According to a recent report by Javelin Strategy and Research, fraud resulting from exposure of health data versus other  kinds of sensitive information  increased from 3% in 2008 to 7% in 2009.

Despite increased protection, health care organizations are a newly favoured target among cyber criminal because of the wealth of personal data they collect which can be monetized. On the black market in USA, stolen medical information costs $50 whereas a social security number costs only $ 1.

Why are health care details more ‘valuable’ than bank details?

An ATM theft has got a very limited lifespan which expires once the victim reports the theft. Health institutions have less experience in fighting crime unlike banks who were the initial target of thieves. Electronic healthcare Records and patient/ provider portals have made it easy to access and share medical information thereby opening up for criminals as well.

How are medical records criminally used?
Personal data is used by criminals to open new credit accounts in their names. The thieves then use these credit accounts to get treatment thereby accumulating a huge bill for the victim. If the victim is on health insurance, he will then be wrongly accused of abusing medical services because of criminals filling false medical claims.

How can institutions that deal in patients data overcome these challenges?

  • Determining authenticity of individuals’ identity during online registration.
  • Secure access to the online portal to prevent loss of patients’ personal and health information.
  • Secure access to physicians clinical applications.
  • Secure access to those paying the medical bill and other third parties.
  • Educate communities.

In Uganda the Ministry of health has opened up an electronic library containing scores of medical information at Mulago Hospital, the national referral hospital. Digital display boards have also been introduced to, among other registration issues, monitor women in labour after patients complained of baby theft. In 2011 Uganda Telecom and the United Nations Child’s Fund (UNICEF) Uganda launched a partnership with Mulago Hospital and Uganda Registration Services Bureau to enable Ugandans receive digital instant registration for new born babies.

This is the way to go with a vigilant eye kept on the security of data being collected.

Joomla Templates and Joomla Extensions by JoomlaVision.Com

To participate in ICT for development discussions, subscribe to our mailing list by sending an email with your full name, country of residence, job title and address to admin@i-network.or.ug

You could also fill out the form on Dgroup: I-Network Uganda.

More information on the mailing list can be found at http://www.dgroups.org

Follow I-Network updates on: