Is Your Health Information Safe On-Line?
I think it’s fair to say I have done more policy-oriented public opinion research on cybersecurity than anyone. I have done polls in the United States and focus groups in the U.S. and throughout Europe. One of the things I have learned is that cybersecurity is not a top of mind concern for consumers. They are aware that problems exist - especially in the arena of privacy - but they don’t know what to do about it. They find ways to make themselves feel comfortable on-line, like buying anti-virus software or avoiding e-commerce, but then they just go about their business, deriving comfort from the idea that the big institutions like governments or banks have too much riding on the Internet to let things get truly bad for the public.
Robert Pear of the New York Times reports on why Americans are giving their government a little too much credit:
Federal investigators say they have found serious computer security flaws that could lead to the improper disclosure of sensitive medical information on people enrolled in Medicare and Medicaid.
In a new report, the investigators, from the Government Accountability Office, said “key information security controls were missing” from a huge communication network used by the federal Centers for Medicare and Medicaid Services.
As a result, they said, sensitive, personally identifiable information “could be improperly modified, disclosed or deleted.” Moreover, the report said, “these weaknesses could lead to disruptions in services” to millions of Medicare and Medicaid beneficiaries.
…
The Bush administration is encouraging adoption of electronic health records and is urging doctors to send prescriptions electronically to drugstores. It is also asking beneficiaries to keep track of their health information, including Medicare claims and prescriptions, by using a new online service at www.MyMedicare.gov. In fine print, the government says it “does not warrant the accuracy” of information on the Web site.
I’ve noted that privacy is on the verge of becoming a salient political issue, with cybersecurity likely to come along for the ride even though they are often very different problems. If seniors - the demographic most likely to vote - lose faith in the health information network, politicians will take note. This past April, my poll for the Cyber Security Industry Alliance showed that only 18 percent of seniors thought the health information network worked well compared to 34 percent of young adults. Twenty-three percent of seniors thought the network was vulnerable. I’ll know soon whether that number is increasing.
