As I See It

Of hacker-princes and the cloud

Thank goodness we’ve “evolved” beyond paper.

By Paul S. Koch, MD, Editor Emeritus

I think we all understand the need for keeping private information a secret. What is difficult to comprehend is our wholesale abandonment of paper medical records for the disk, as it has created a new nest of security problems that have hatched, are chirping and demanding to be fed.

BEWARE THE HACKER-PRINCES

Nigerian princes, frustrated that no one would help them move their millions to America, decided one day on a new venture. They realized they could create real fortunes if they could capitalize on security lapses to gather information from our health records. In the old days that would mean breaking into our offices with a high-speed scanner, but now they can tap into the colorless cloud and gather the bits and bytes that float there, unarmed.

Our local computer warriors are aware of such risks, and know that a stolen list of numbers could give the hacker-princes power. Eye doctors in particular have many secret numbers and our files would be a prime target. The princes undoubtedly have figured out how a list of spheres, cylinders and axes could bring down a government.

Such information, when kept secret, promotes national harmony, but if posted by an avowed hacker could bring mayhem to our shores. Once Mr. A, a proud -5 learns that Miss B is a +2, he will no doubt wonder about their compatibility. Perhaps he should cast his eye towards Lady C the astigmat, and form a club together. The country’s leaders will of course be with the rule, and the rebels against it.

SECURITY MEASURES WORTHY OF MI-5

No, we must keep such information secret. That is why we have suffered log-ins, names and passwords. You might think one of each would be enough, but timidity has no role in refraction security. A log-in using your name, and then your name again consisting this time of your name in a different format, is merely the beginning. Next you need a password consisting of letters, numbers, punctuation, your mother’s maiden name and the color of your first car.

This password will be needed for every access to a patient’s record, so master typing it quickly before the month ends, when you must create a new one.

BACK TO THE FUTURE?

Ah, but take solace in knowing that your most private communications — letters between yourself and the consultant — are safe and unhackable because they are not permitted to pass through the cloud. You are reassured knowing that while last month’s technology is already vulnerable, your correspondence will race unseen through 100-year-old telephone wires to a 30-year-old fax machine.

While we have a complicated digital file box that requires daily virus scans, firewalls and snipers to keep up with the bad guys, we must also acknowledge we used to have the most secure system the world has ever seen: If you are worried about security, throw away the computer and go back to paper. The criminals will go crazy trying to crack a doctor’s handwriting. OM

Paul S. Koch, MD is editor emeritus of Ophthalmology Management and the medical director of Koch Eye Associates in Warwick, RI. His email is pskoch@clarisvision.com.