A recent hacking attack on a small Illinois medical practice highlights the security risks involved in the transition to electronic health record systems, Bloomberg's "Tech Blog" reports.
About the Hacking Attack
Last month, the Surgeons of Lake County in Libertyville, Ill., announced that hackers had broken into a server where the medical practice stored emails and EHRs. Unlike most other data breaches, the hackers encrypted the information and demanded that the medical practice pay a ransom for the password to access the files.
The physicians refused to pay, turned the server off and alerted authorities. It is unclear whether Surgeons of Lake County had backup files or has recovered the information. The medical practice declined to comment on the situation.
Scott Otto, president of Surgeons of Lake County, in a statement said, "We are devoting significant people and technological resources to help protect patient confidentiality."
Incident Raises Concerns About EHR Security
Rick Kam -- president of ID Experts, a provider of health data breach prevention technology -- in an email wrote that given the number of health care providers adopting EHR systems, "many more" of these types of breaches could occur.
Dorothy Glancy -- a professor and digital privacy expert at Santa Clara University's law school -- said the Surgeons of Lake County incident shows the downside of the health care industry's shift to EHR systems. "This is a warning bell," she said, adding, "Maybe they're the canary in the coal mine that unpredictable things can happen to data once it's digitized" (Robertson, "Tech Blog," Bloomberg, 8/10).