Electronic Health Records (EHR, EMR)

What goes wrong when medical records are transferred

And how to fix it
By Scott Rea
June 10, 2015
09:12 AM

The massive data breaches that struck CareFirst Blue Cross and Blue Shield, Anthem and Premera over the past year have sounded an alarm among healthcare IT. And with hackers eager to steal valuable patient data, it’s time the healthcare sector act more aggressively to secure private data.

Consider that, according to research from Gartner, close to 40 million healthcare records have been breached to date. That number, Gartner’s research suggests, is a conservative estimate because it takes into account only breaches of at least 500 individuals at a time.

And, the cost of a healthcare breach continues to climb, according to the Ponemon Institute, to about $363 per exposed personally identifiable record. That’s more than double the average cost of a data breach in other industries, and the trend holds across 11 industrialized nations. Our industry is a target, and we must do more now.

Securing patient data starts with encryption, but equally important is the use of strong identity authentication. Authentication guarantees that the sender and recipient of healthcare data are, in fact, who they claim to be.

To explain this, let’s imagine something as simple as a family practitioner referring a patient to a specialist. There are various formats in which data can be sent from one office to the other, and the sending and receiving providers need to both understand which are being used. The primary two ways are either sending the records via Directed Exchange, or by using the emerging FHIR, or Fast Healthcare Interoperability Resources, platform. 

The benefit of Direct is that it does not matter what formats are being used. The focus is on securing the transport method, irrespective of what the message content is. Essentially it’s a secured email solution for healthcare. As with email, the sender and the receiver have a Direct Address (like an email address), which is where information is either sent from or sent to, depending which side of a transaction the account holder is performing.

Digital certificates cryptographically bound to those addresses are used along with the infrastructure of the Internet to establish a secure channel between the two accounts. This then allows any data to flow over that secure channel without revealing any of its contents except to the intended receiver, guaranteeing that contents are not modified or deleted without either party knowing.

For FHIR, the process of transferring EHRs is a little more involved, but as long as both parties know and agree on which FHIR profile is being used, securing that transaction generally happens in a consistent manner. FHIR typically relies upon TLS security — which has been used in e-commerce transactions for many years now — to identify and authorize the parties exchanging data, and to secure and protect the data as it moves from one to the other. TLS certificates cryptographically bind FHIR end points (either a service location, or an application requesting data for its user) to their respective Internet locations, allowing a secure channel to be established.

TLS security requires strong validation of the parties involved in the secure communication. Typically credentials (digital certificates) that are only validated to the domain level do not provide strong enough assurance in the parties involved in the transaction. This is why the EV standard (think green bar in browsers) was established to ensure that appropriate identity proofing for e-commerce is employed. The EV process requires someone to pass several checks by an outside party to prove they are who they say they are and they are authorized to act on behalf of their company to get a certificate. Healthcare needs at least EV security, and perhaps even stronger measures. We also need to insist on two-factor authentication as a default standard.

Hackers know that they cannot break strong encryption, so instead they target HISPs (Health Information Service Providers) or FHIR implementers using weak cryptographic implementations when transferring EHRs. Similarly, absent two-factor authentication, hackers using clever spear phishing schemes can trick providers logging onto their HISP or healthcare app using FHIR into revealing their login credentials. 

With the dizzying amount of patient info being exchanged over the Internet on a daily basis, we’re way past the point where you can simply hope that data is protected. It’s critically important that we truly understand how data is moved, and then act to protect it as best we can.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Doctor smiles and waves into a laptop during a telehealth visit
VA plans to end telehealth copays and fund virtual care access in rural areas

Most Read

The Light Collective amplifies its call for patient data rights
Atrium Health responds to new social engineering attack
Epic and Oracle Health sign on to Veteran Interoperability Pledge
Vendor Notebook: New cybersecurity and EHR performance upgrades 
What providers need to know about ambient voice and EHR usability
HMIS integration with other public HIS sought and more India briefs

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

More Stories

Marjorie Rosen at HIMSS_Global Health Equity Week 2024
HIMSS chapters offer a powerful channel for healthcare advocacy
Returning service member with daughter
HIMSS launches veterans health IT workforce program
Morgan L. Waller, RN, of Children's Mercy Kansas City on telemedicine
Deep dive: Exploring one of the most advanced telemedicine programs in the U.S.
Person on laptop at kitchen table with another who holds up prescription bottle for telehealth doctor
ATA calls on Congress to beat the telehealth deadline, as it preps for Trump's term
Anurag Mehta at Omega Healthcare_Physician working on laptop Photo by Dzonsli/E+/Getty Images
Clinician burnout can be reduced by virtual nursing
Healthcare worker and patient watching doctor on screen
Discover the potential ROI of bedside telehealth
HKUST Provost professor Guo Yike presenting their new health LLMs
Hong Kong university to test four genAI models in...
A doctor in a virtual consultation with a patient
China to pilot standards for virtual primary care