DHS: U.S. health care records are the target of foreign hackers

U.S. health care records come under attack just as HIPAA compliance rules are announced.

According to a recent article in Federal Computer Week, foreign criminal hackers are targeting American health records.

Mark Walker of DHS Critical Infrastructure Protection Division recently told a National Institute of Standards and Technology workshop that the hackers' primary motive seems to be espionage. For example, any health problems among the nation's leaders would be of interest to potential enemies, he said.

Walker cited two events from 2007. In one, a virus was placed on the Centers for Disease Control and Prevention Web site. In another, there was a known data breach in the Tricare records for the Military Health System.

The Department of Homeland Security wants to build a database of health care-related data breaches. At present, Walker told the workshop that the DHS only has a vague understanding of data loss connected with health care services.

On a related note, the U.S. Department of Health & Human Services has outlined the bases and procedures for imposing civil money penalties on covered entities that violate any of the Health Insurance Portability & Accountability Act of 1996 (HIPAA) Administrative Simplification Rules. The Centers for Medicare and Medicaid Services (CMS) will enforce HIPAA Transactions and Code Set Standards, while Office for Civil Rights will enforce Privacy Standards. The final rules for security compliance cover specific areas of data storage, such as who must be interviewed regarding compliance, and what aspects of the company's IT security policy must be reviewed.

About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.


    Discuss DHS: U.S. health care records are the target...

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Articles from CNET
    Facebook shares its diversity training course with all