Ethan Huff reports:
Another major data breach has once again demonstrated that the widespread adoption of digital records storage systems has made patient privacy more vulnerable than ever before.
This time it involves patients who have gotten blood tests through Quest Diagnostics, where nearly 12 million patient records were recently hacked, according to reports.
One of the nation’s largest providers of blood tests, Quest Diagnostics says that both financial and medical information may have been breached in the hack, which the company is blaming on “an issue” with one of its vendors.
A filing with securities regulators reveals that, between August 1, 2018, and March 30, 2019, someone gained unauthorized access to the computer systems of AMCA, a billing collections vendor contracted by Quest.
In the filing, Quest admitted that the affected information in AMCA’s systems includes “financial information (eg, credit card numbers and bank account information), medical information and other personal information (eg, Social Security Numbers).”
What was not affected, according to Quest, were patient lab results, which the company claims are not stored or accessed by AMCA.
As of May 31, 2019, the data of some 11.9 million Quest patients has reportedly been affected, though Quest claims that it has yet to receive “detailed or complete” information about the full extent of the damage that has been done.
“Quest Diagnostics takes this matter very seriously and is committed to the privacy and security of patients’ personal, medical and financial information,” reads more of the Quest filing with securities regulators.
For more related news about how data stored digitally is constantly at risk of being hacked, be sure to check out CyberAttack.news.
The federal government has been “hacking” patient data for years
In response, a firm working with AMCA to investigate this “data incident” announced that after it conducted an “internal review,” it “took down our web payments page.”
“We hired a third-party external forensics firm to investigate any potential security breach in our systems, migrated our web payments portal services to a third-party vendor, and retained additional experts to advise on, and implement, steps to increase our systems’ security,” a statement from this firm added.
“We have also advised law enforcement of this incident. We remain committed to our system’s security, data privacy, and the protection of personal information.”
This situation with Quest Diagnostics and AMCA is just one example among many as to why storing patients’ medical records, financial data, and other personal information electronically is generally a bad idea – and something we have been warning against for years.
Back in 2016, for instance, we reported about how the push towards Electronic Health Records (EHR) would create a backdoor for government agencies to pry into the personal and private health data of Americans.
The Department of Health and Human Services (HHS) openly announced at the time that part of its Federal Health IT Strategic Plan 2015-2020 involved the “collection, sharing, and use of electronic health information to improve health care, individual and community health, and research.”
In other words, by converting patients’ medical records from paper to computer, Big Brother has successfully gained much easier access to what used to be private medical information – and hackers are apparently gaining access to it as well.
“The dark side of the data age rears its ugly head once again,” wrote one commenter at NBCNewYork.com. “Because companies insist on mandatory drug tests and Quest is a major vendor of these drug tests … who will be compensating those of us who have been compromised?”
“This is ridiculous. Quest should be shut down for such a brazen act of stupidity and negligence. Quest is trying deflect responsibility away from itself to blame its vendor. How narcissistic and stupid is that? Quest is responsible for this.”