Access To Clinical Data Too Easy Via Phone

Lately, I’ve had reason to be in touch with my health insurance company, my primary care doctor and multiple specialists.  In speaking with each, what I’ve noticed is that the data they collect to “protect my privacy” isn’t likely to do a good job. And I’ve been wondering whether an EMR can actually help tighten up access.

When I called to discuss clinical matters, both the payer and providers asked for the same information: My date of birth, my street address and my name. As far as I know, folks, you can get all of that information on a single card, a driver’s license.  So, anyone who finds or steals or has access to my wallet has all the info they need to crawl through my PHI.

So, OK, let’s say providers and payers add a requirement that you name the last four digits of your social security card.

There are a few problems with that approach. First, anyone who has your wallet may well have your Social Security Card.  Second, storing patients’ SSNs in the clear in an EMR is an invitation to be hacked, as the SSN is the gold standard for identity theft. Third, if you want to store them in a form that only allows the last four digits to be read, that’s another function you need to add to your system.

So, what’s the solution? Would it work to have patients identify which doctor they see (something a thief wouldn’t know) or a recent treatment or procedure they’d had?  Probably, although some patients — forgetful elderly, or the chronically ill with multiple providers — might not remember the answers.

Seems to me that when there’s universal use of patient portals by both providers and payers, this problem will largely go away, as patients will be able to look at their own records when talking to providers. This will make a more sophisticated security screening possible.

But in the meantime, I’m troubled to know that my payer and several of my doctors use a security method which can be so easily compromised.  Do any of you have suggestions as to what those offices might do in the interim between now and when they have a useful portal to offer?

About the author

Anne Zieger

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.


  • While a Patient Portal or some such method may seem more secure, it is almost as easy to ‘hack’ into a patient’s userid and password. Perhaps easier and more likely than someone’s wallet being stolen with social security card. Many unsophisticated users make their passwords too easy to identify.

    For anyone bent on stealing identity, us mere mortals are no match.

  • How about another password, or secret code, as my kids say, as they block me from passing through a doorway.

  • The EHR can require the in office user to enter the last 4 digits of the SSN into the system, which ought to be able to encrypt them to check against the previously stored data. Same thing could be added to the patient portal login, which at sign up time should require a decent but not absurd password.
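
The last-four check this comment describes, and the storage question raised in the article, as an added example (not code from the article, the commenter or any EHR product). It uses a keyed HMAC with a server-side secret rather than encryption, because a plain hash of four digits has only 10,000 possible inputs; the class name, the attempt limit and the sample SSN are constructed assumptions.

```python
import hashlib
import hmac
import secrets

MAX_ATTEMPTS = 3  # assumed lockout threshold, not taken from the article


class Last4Verifier:
    """Keeps a keyed digest of the last four SSN digits, never the digits."""

    def __init__(self, pepper: bytes):
        self._pepper = pepper   # server-side secret, held outside the EMR database
        self._records = {}      # patient_id -> (salt, digest)
        self._failures = {}     # patient_id -> consecutive failed checks

    def _digest(self, patient_id: str, salt: bytes, last4: str) -> bytes:
        # Binding the patient id and a per-record salt means equal digits
        # for two patients never produce equal stored values.
        msg = salt + patient_id.encode() + b":" + last4.encode()
        return hmac.new(self._pepper, msg, hashlib.sha256).digest()

    def enroll(self, patient_id: str, ssn: str) -> None:
        digits = "".join(ch for ch in ssn if ch.isdigit())
        if len(digits) != 9:
            raise ValueError("SSN must contain nine digits")
        salt = secrets.token_bytes(16)
        self._records[patient_id] = (salt, self._digest(patient_id, salt, digits[-4:]))
        self._failures[patient_id] = 0  # the full SSN is discarded here

    def verify(self, patient_id: str, claimed_last4: str) -> bool:
        if patient_id not in self._records:
            return False
        if self._failures[patient_id] >= MAX_ATTEMPTS:
            return False  # locked: a caller must not get 10,000 guesses
        salt, stored = self._records[patient_id]
        candidate = self._digest(patient_id, salt, claimed_last4)
        ok = hmac.compare_digest(stored, candidate)  # constant-time comparison
        self._failures[patient_id] = 0 if ok else self._failures[patient_id] + 1
        return ok


if __name__ == "__main__":
    v = Last4Verifier(pepper=secrets.token_bytes(32))
    v.enroll("p-001", "000-12-3456")  # constructed, invalid SSN
    print(v.verify("p-001", "3456"), v.verify("p-001", "9999"))
```

Once a record is locked, it stays locked until staff reset it through some other channel, which this example leaves out.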

  • I’ve been thinking about this quite a bit lately. A few weeks ago, I called my son’s pediatrician’s office to set up a patient portal. All they asked was my son’s birthdate and name, and then an email address, and they sent me a password and username…I was a little shocked at how little security there was in setting it up — anyone that knew when my son was born could have done it!

  • My cable company is a lot pickier than that. Though they may have seen who you were from Caller ID plus you saying who you are, though I don’t consider that quite enough.

  • I agree. I think EMRs can be great if used effectively, but it does allow more people access to medical records, causing possible privacy issues.

  • We turned on 2 level authentication, like Facebook, Healthvault, PayPal and other services. It’s surprising though how few people enable this. I suppose the dictum that convenience trumps privacy is true for everything.
    Unlike money, healthcare is more difficult to leverage for financial gain to the usurper although in some places services can be received when they otherwise would be denied so the risk may be lower but still storing that information does enable someone to hack these systems to gain information to get at and steal other goods.
    I’ve always said that until the patient is the primary user of the EMR we’ll all never get the return on investment that we’ve made. When this happens then we can tighten things up but at the same time some patients will willingly give access to others so the solution in my mind is to separate the identifiers used in medicine from the identifiers used in financial transactions. Doing so would strengthen everything.
