Health care the new playground for identity thieves

Summary:If you're in the medical field you are a merchant, and you need a merchant's data security.

Everyone knows that retail data is at risk. But health care data is just as big a problem.

Identity thieves know it.

I was honored to talk yesterday with Michael Maloof, CEOCTO of TriGeo Network Security. He was flogging a recent report from the Identity Theft Resource Center indicating that health care suffered 26.3% of all commercial security breaches last year. That's second to retail's 40.5% but well ahead of any other economic sector.

Contrary to what you may suppose, they're not really after your health records. Unless you're famous or an Octomom, they don't care about the secret hangnail you suffered in fourth grade.

They just want your money.

With the records in any hospital or clinic, they can get it. "If they have your Social Security Number, your address and date of birth they can take your persona, pretend to be you," Maloof said.

They can get credit in your name and run up the bills. You may not be charged, because "fraud costs are built into the system," but merchants will be, and those costs will eventually find their way into the prices you pay.

Too many health systems have awful security, Maloof added. "I've seen institutions where every doctor uses the same ID – The Doctor. And the password is known. That's an easy access point for the hacker."

TriGeo offers an appliance that can sit behind your firewall, track user traffic, and detect problem patterns, even detect when someone is plugging in a USB thumb drive. This not only protects against outside criminals, but disgruntled insiders.

Most of the company's prospects are in the mid-market range, hospitals with anywhere from 250-1,000 employees. They may have an Information Technology team but they probably don't have a security expert on staff. At $20-40,000, then, TriGeo's software becomes that security employee.

Don't worry if you're smaller. "In early December we'll announce a virtual version of our appliance which brings the cost down further, and people will start using cloud based services. You'll get it from a service provider."

Just so long as you get something. And use it. If you're in the medical field you are a merchant, and you need a merchant's data security.

Topics: Legal, Enterprise Software, Tech & Work


Dana Blankenhorn has been a business journalist since 1978, and has covered technology since 1982. He launched the Interactive Age Daily, the first daily coverage of the Internet to launch with a magazine, in September 1994.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.