Categories

Tag: Data Security

Health in 2 Point 00, Episode 61

On Episode 61 of Health in 2 Point 00, Jess and I are still in Tokyo—but this time we’re reporting from a famous whiskey bar. In this episode, Jess asks me about the most important takeaways from Health 2.0 Asia-Japan and the growing health tech market there. We also have two special guest stars today: Yuuri Ueda, the director of Health 2.0 Asia-Japan, tells us how loosening government regulations are opening up opportunities for more and more startups to break into telemedicine, and Fred Trotter explains how Japanese startups can learn from the U.S. in terms of data security and privacy. All this in (exactly) two minutes.

There’s so much more from Health 2.0 Asia-Japan that you all need to see, so keep an eye out on THCB for my three-point takeaway from the conference and be sure to watch Jess’s WTF Health interviews to hear from amazing people in the Asian health tech community —Matthew Holt. 

Why Anthem Was Wrong Not to Encrypt

Screen Shot 2015-02-22 at 7.23.57 AMBeing provocative isn’t always helpful. Such is the case with Fred Trotter’s recent headline ‒ Why Anthem Was Right Not To Encrypt.

His argument that encryption wasn’t to blame for the largest healthcare data breach in U.S. history is technically correct, but lost in that technical argument is the fact that healthcare organizations are notably lax in their overall security profile. I found this out firsthand last year when I logged onto the network of a 300+ bed hospital about 2,000 miles away from my home office in Phoenix. I used a chrome browser and a single malicious IP address that was provided by Norse. I wrote about the details of that here ‒ Just How Secure Are IT Network In Healthcare? Spoiler‒alert, the answer to that question is not very.

I encourage everyone to read Fred’s article, of course, but the gist of his argument is that technically ‒ data encryption isn’t a simple choice and it has the potential to cause data processing delays. That can be a critical decision when the accessibility of patient records are urgently needed. It’s also a valid point to argue that the Anthem breach should not be blamed on data that was unencrypted, but the healine itself is misleading ‒ at best.

Continue reading…