If you think your medical history is under lock and key, think again.
An investigation by ProPublica found that the medical information of millions of Americans is left unprotected to essentially anyone who can access a computer. The investigation revealed X-rays, CT scans, MRIs and other data of more than 5 million American patients and millions of other patients around the world, all sitting unprotected to the public. In the U.S., 187 servers used to store and retrieve medical information were unprotected by passwords and other security measures. The computer systems range from mobile X-ray services to doctors’ offices and medical imaging centers across the country.
Investigators said accessing someone’s health information on one of these servers would be as easy as using free software programs, or simply using a web browser. One such server left unprotected belonged to MobilexUSA. It contained medical data for more than 1 million patients, including date of birth, doctors’ names and procedures they’d undergone. MobilexUSA imaging services nursing homes, hospice agencies, prisons and rehabilitation hospitals by use of mobile X-rays. The company said they have tightened their security since being informed by investigators how unprotected patients’ medical records were on their servers.
In some cases, accessing unprotected medical data also meant the ability to retrieve patients’ Social Security numbers. Failure to secure patient information may violate the Health and Insurance Portability and Accountability Act, known as HIPAA. The law, established in 1996, requires health care providers to keep their patients’ health information secure and confidential.
Today, easy access to medical information isn’t the only privacy breech you need to be concerned about. From Facebook and Google tracking your every move and storing your personal data, to Alexa recording your private conversations, your privacy has been taken from you little by little for quite some time now, right under your nose.