How much is your life worth to hackers? On the black market, the going rate for your social security number is 10 cents. Your credit card number is worth 25 cents. But your electronic medical health record (EHR) could be worth hundreds or even thousands of dollars.
EHRs offer significant benefits compared to previous paper-based systems and have been adopted by over 96% of critical care hospitals and over 83% of regular hospitals. While digitization overcomes many of the inefficiencies and fragmentation that plagued healthcare providers, your patient records are now also more susceptible to hacking and theft.
In 2014, Robert Lord, a former designer for analytics systems for Bridgewater Associates, joined forces with Nick Culbertson, a former Special Forces operator, when they were students at The John Hopkins University of Medicine to create a AI-powered system to combat hacking and unauthorized access to electronic medical records. They co-founded cybersecurity company Protenus to scale their technology to entire healthcare industry. Applying AI to the bureaucratic and risk-averse medical space is challenging, but both investors and hospitals have applauded Protenus’ unique approach.
According to Lord, EHRs contain a wealth of exploitable information which attracts hackers. “Your EHR contains all of your demographic information – names, historical information of where you live, where you worked, the names and ages of your relatives, financial information like credit cards and bank numbers” he explains. If that isn’t scary enough, there’s also data about your past medical history, including every doctor’s visit you’ve made and diagnosis you’ve received. “The medical record is the most comprehensive record about the identity of a person that exists today,” Lord emphasizes.
You can cancel credit cards and change social security numbers, but “your EHR is immutable” according to Lord. If there is a breach, hackers can potentially blackmail you for a lifetime. If your medical record contains sensitive protected health information (PHI) such as cancer diagnoses, sexually transmitted diseases, or psychological conditions, you could be subject to public embarrassment or political assassination. During the 2016 election, fake electronic health records for Democratic candidate Hillary Clinton were publicized that raised questions about her health and may have contributed to her loss.
Hackers have many methods for attacking EHR systems from the outside, including “spoofing” an EHR client to believe the access is legitimate and intercept messages between EHRs with a “man in the middle” attack. Hospitals and vendors combat these strategies with approaches like encryption and strategic scrambling of personal health information, known as “de-identification”. Hackers also hijack insecure EHR systems, replace encryption keys with their own, and extort hospitals for money in exchange for returning the access. This type of attack, known as ransomware, is particularly effective against hospitals who need real-time access to patient data for critical operations and must pay up.
Surprisingly, most attacks and data breaches don’t come from external hackers, Lord reveals. “The majority of all inappropriate accesses to EHRs comes from the inside. They involve nurses or doctors, billing specialists, or administrators who have legitimate reasons for having access to systems but who abuse that access for revenge, financial gain or just plain curiosity”. In 2016, 450 breaches occurred, affecting 27 million patient records. Of those, a 120 incidents resulted from outside hacking, while 200 – over 65% more – came from insider actions.
“We recognize that EHRs are living documents,” explains Lord, “so we’ve built an AI that is able to monitor how individuals interact with the EHR and associated systems, building a unique profile of every workforce member’s clinical and administrative workflow”. By analyzing the action taking in hospital records, Protenus can differentiate between routine access and illegal or malicious access. For example, an individual might suddenly access an unusually large number of records for their role or access “high risk” profiles such as those of celebrities.
Protenus’ approach works largely by deeply understanding how every individual in a hospital accesses health records examining thousands of dimensions – temporal, geospatial, clinical, role-based, etc – to identify patterns and anomalies. Anomalies can then be escalated to human privacy and security officers for detailed review. Each hospital and medical professional works differently, so Protenus personalizes itself to take into account each organization’s unique patterns. By aggregating patterns and learning, though not actual patient data, from across the industry, the company can offer a highly accurate baseline even from day one. In addition, the system becomes continuously smarter and more effective over time, learning exponentially as its customer base grows.
The challenges of EHR stewardship remain a topic of debate, even with the added security from companies like Protenus. Should hospitals and insurance companies – which are not experts in technology and cybersecurity – own your sensitive medical information? One potential solution, supported by consumer advocates, is the use of public escrow accounts. In this case, medical records are kept by escrow agencies on behalf of the patient and accessed by third-parties only with your permission.
Unfortunately, recent efforts by Congress and the Trump administration increase the difficulty of protecting your health records against illegal abuse. Most ominously, the Preserving Employee Wellness Programs Act, may give current and potential employers access to patient electronic health records, introducing yet another exploitable channel to your private data. Organizations such as the Electronic Freedom Frontier are actively working to oppose such bills and restore a modicum of privacy to medical records.
Like any new digital technologies, the benefits of EHR must be weighed against the risks of theft and misuse. Consumer education and advocacy are key to ensuring that your medical records are kept safe.