WASHINGTON — The nation’s push to computerize medical records has failed to fully address long-standing security gaps that expose patients’ most sensitive information to hackers, government investigators warn.

Two reports released today by the inspector general of the Health and Human Services Department find that the drive to connect hospitals and doctors so they can share patient data electronically is being layered on a system that already has glaring privacy problems. That could open new pathways for hackers, investigators say.

The market for illicit health care information is booming. In recent years, the case of a former UCLA Medical Center worker who sold details from the files of actress Farah Fawcett, singer Britney Spears and others to the National Enquirer gained notoriety.

Most cases don’t involve celebrities or get much attention. Yet fraud perpetrators covet health care records, since they contain identifiers such as names, birth dates and Social Security numbers that can be used to construct a false identity or send Medicare bogus bills.

The shortcomings in the system “need to be addressed to ensure a secure environment for health data,” said the main report.

 


Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.