Skip to content
  • About
  • Contact
  • Contribute
  • Book
  • Careers
  • Podcast
  • Recommended
  • Speaking
  • All
  • Physician
  • Practice
  • Policy
  • Finance
  • Conditions
  • .edu
  • Patient
  • Meds
  • Tech
  • Social
  • Video
    • All
    • Physician
    • Practice
    • Policy
    • Finance
    • Conditions
    • .edu
    • Patient
    • Meds
    • Tech
    • Social
    • Video
    • About
    • Contact
    • Contribute
    • Book
    • Careers
    • Podcast
    • Recommended
    • Speaking

Health IT: The weakest links in a system are actually the people who use it

Kerri Vincenti, MD
Tech
May 25, 2016
Share
Tweet
Share

Among the plethora of emails that I receive on a daily basis, there seems to always be at least one sent from my hospital’s information services department. Usually, I receive alerts about system downtime or notifications about resolved tickets. They all have the same general look and feel, and so I hardly ever question that they are official. And then I come across a communication with the message similar to the one below. It certainly seems innocent enough, and what’s worse: believable.

Attention valued employee:

Information Services is deploying a new self-service tool to help users reset their own network passwords.  Below are the steps you will need to get set up.

Step 1: Register by clicking the following link.  Answer at least 5 of the 10 identification questions.

Step 2: If you forget your network password, you will be asked to answer 3 questions correctly in order to reset your password. You can begin this step here!

But in the end, this email turns out to just be spam, likely an attempt from an outside hacker to gain access to my hospital’s system.  The hackers don’t necessarily care about my personal information nor are they looking to steal the identity of one sole doctor; they are looking to wreak havoc on an organization and potentially make a lot of money in the process.

Whether we want to admit it or not, the weakest links in a system are actually the people who use it. Unfortunately, data thieves use this fact to their advantage to collect usernames and passwords to gain access via malware or, so called, Trojan horses. Once inside, although there are certain firewalls and checkpoints in place to promote security, the system is far less protected because it assumes that users who have access are supposed to be there. This gives hackers the ability to affect the function of interconnected networks, spread viruses among email recipients, and, what’s worse, access massive amounts of patient information to use however they see fit.

Unfortunately, this threat to our patient data is not purely hypothetical. In recent months, there have been a number of articles published about public institutions such as hospitals and police departments that have been caught seemingly off guard by hackers who don’t use their skills in order to shut down a system but rather to hold it hostage. Hackers simply gain access, funnel the data, and demand a “price” for its safe return. This so-called ransomware can be especially troublesome for hospitals and health care practices as electronic medical records (EMRs) are overtaking the “need” for paper charts.

And so hospitals and providers are caught between a rock and hard place as EMRs help make their system both more efficient and more vulnerable. To complicate matters more, paper charts aren’t even really an option anymore. As of January 1, 2014, under the American Recovery and Reinvestment Act, all public and private health care providers and other eligible professionals were expected to adopt and demonstrate meaningful use of EMRs in order to maintain their existing Medicaid and Medicare reimbursement levels. Penalties exist for those who don’t comply.

But the answer is not to blame EMRs and new technology for the problem. Especially as a physician, I see firsthand how invaluable EMRs are and how my ability to provide accurate interpretations relies so heavily on good information in the medical record.  We must be conscious of the fact that the health record is a part of the patient. We must protect it as best as we can so as not to do harm to the person it represents. We must take some responsibility in keeping our patient data safe by doing our due diligence to pay attention to these new threats and to know whom to contact within our health system with questions about their legitimacy.  In doing so, we certainly won’t protect our hospitals from every cyber threat, but at least we will do our part to help make our link to it a little bit stronger.

Kerri Vincenti is a radiology resident. 

Image credit: Shutterstock.com

Prev

Maybe it's time to go back to index cards for medical records

May 25, 2016 Kevin 22
…
Next

Nurses take DC to save patient lives

May 25, 2016 Kevin 35
…

Tagged as: Health IT

Post navigation

< Previous Post
Maybe it's time to go back to index cards for medical records
Next Post >
Nurses take DC to save patient lives

ADVERTISEMENT

More by Kerri Vincenti, MD

  • Residency and family: How this resident finds balance

    Kerri Vincenti, MD
  • We are clinicians in the era of information overload

    Kerri Vincenti, MD
  • What does quality mean in the eyes of a patient?

    Kerri Vincenti, MD

Related Posts

  • Are negative news cycles and social media injurious to our health?

    Rabia Jalal, MD
  • How social media can help or hurt your health care career

    Health eCareers
  • Sharing mental health issues on social media

    Tarena Lofton
  • 3 ways to advance the credibility of online health information

    Robert Pearl, MD
  • Why do people hate Obamacare?

    Julie Rovner
  • Digital health equity is an emerging gap in health

    Joshua W. Elder, MD, MPH and Tamara Scott

More in Tech

  • How digital tools are reshaping the doctor-patient relationship

    Vineet Vishwanath
  • The promise and perils of AI in health care: Why we need better testing standards

    Max Rollwage, PhD
  • 3 tips for using AI medical scribes to save time charting

    Erica Dorn, FNP
  • Would The Pitts’ Dr. Robby Robinavitch welcome a new colleague? Yes. Especially if their initials were AI.

    Gabe Jones, MBA
  • Generative AI 2025: a 20-minute cheat sheet for busy clinicians

    Harvey Castro, MD, MBA
  • Why public health must be included in AI development

    Laura E. Scudiere, RN, MPH
  • Most Popular

  • Past Week

    • Why are medical students turning away from primary care? [PODCAST]

      The Podcast by KevinMD | Podcast
    • Why “do no harm” might be harming modern medicine

      Sabooh S. Mubbashar, MD | Physician
    • How New Mexico became a malpractice lawsuit hotspot

      Patrick Hudson, MD | Physician
    • Why doctors are reclaiming control from burnout culture

      Maureen Gibbons, MD | Physician
    • Why medical schools must ditch lectures and embrace active learning

      Arlen Meyers, MD, MBA | Education
    • Why public health must be included in AI development

      Laura E. Scudiere, RN, MPH | Tech
  • Past 6 Months

    • Why tracking cognitive load could save doctors and patients

      Hiba Fatima Hamid | Education
    • Why are medical students turning away from primary care? [PODCAST]

      The Podcast by KevinMD | Podcast
    • What the world must learn from the life and death of Hind Rajab

      Saba Qaiser, RN | Conditions
    • Why “do no harm” might be harming modern medicine

      Sabooh S. Mubbashar, MD | Physician
    • Here’s what providers really need in a modern EHR

      Laura Kohlhagen, MD, MBA | Tech
    • Why flashy AI tools won’t fix health care without real infrastructure

      David Carmouche, MD | Tech
  • Recent Posts

    • Why medical schools must ditch lectures and embrace active learning

      Arlen Meyers, MD, MBA | Education
    • Why helping people means more than getting an MD

      Vaishali Jha | Education
    • How digital tools are reshaping the doctor-patient relationship

      Vineet Vishwanath | Tech
    • Why evidence-based management may be an effective strategy for stronger health care leadership and equity

      Olumuyiwa Bamgbade, MD | Physician
    • Why health care leaders fail at execution—and how to fix it

      Dave Cummings, RN | Policy
    • Residency match tips: Building mentorship, research, and community

      Simran Kaur, MD and Eva Shelton, MD | Education

Subscribe to KevinMD and never miss a story!

Get free updates delivered free to your inbox.


Find jobs at
Careers by KevinMD.com

Search thousands of physician, PA, NP, and CRNA jobs now.

Learn more

View 3 Comments >

Founded in 2004 by Kevin Pho, MD, KevinMD.com is the web’s leading platform where physicians, advanced practitioners, nurses, medical students, and patients share their insight and tell their stories.

Social

  • Like on Facebook
  • Follow on Twitter
  • Connect on Linkedin
  • Subscribe on Youtube
  • Instagram

ADVERTISEMENT

  • Most Popular

  • Past Week

    • Why are medical students turning away from primary care? [PODCAST]

      The Podcast by KevinMD | Podcast
    • Why “do no harm” might be harming modern medicine

      Sabooh S. Mubbashar, MD | Physician
    • How New Mexico became a malpractice lawsuit hotspot

      Patrick Hudson, MD | Physician
    • Why doctors are reclaiming control from burnout culture

      Maureen Gibbons, MD | Physician
    • Why medical schools must ditch lectures and embrace active learning

      Arlen Meyers, MD, MBA | Education
    • Why public health must be included in AI development

      Laura E. Scudiere, RN, MPH | Tech
  • Past 6 Months

    • Why tracking cognitive load could save doctors and patients

      Hiba Fatima Hamid | Education
    • Why are medical students turning away from primary care? [PODCAST]

      The Podcast by KevinMD | Podcast
    • What the world must learn from the life and death of Hind Rajab

      Saba Qaiser, RN | Conditions
    • Why “do no harm” might be harming modern medicine

      Sabooh S. Mubbashar, MD | Physician
    • Here’s what providers really need in a modern EHR

      Laura Kohlhagen, MD, MBA | Tech
    • Why flashy AI tools won’t fix health care without real infrastructure

      David Carmouche, MD | Tech
  • Recent Posts

    • Why medical schools must ditch lectures and embrace active learning

      Arlen Meyers, MD, MBA | Education
    • Why helping people means more than getting an MD

      Vaishali Jha | Education
    • How digital tools are reshaping the doctor-patient relationship

      Vineet Vishwanath | Tech
    • Why evidence-based management may be an effective strategy for stronger health care leadership and equity

      Olumuyiwa Bamgbade, MD | Physician
    • Why health care leaders fail at execution—and how to fix it

      Dave Cummings, RN | Policy
    • Residency match tips: Building mentorship, research, and community

      Simran Kaur, MD and Eva Shelton, MD | Education

MedPage Today Professional

An Everyday Health Property Medpage Today
  • Terms of Use | Disclaimer
  • Privacy Policy
  • DMCA Policy
All Content © KevinMD, LLC
Site by Outthink Group

Health IT: The weakest links in a system are actually the people who use it
3 comments

Comments are moderated before they are published. Please read the comment policy.

Loading Comments...