Blog

This October Hollywood will release its version of Facebook's genesis in a movie, The Social Network. It may seem a bit soon for the creation myths to start, both for the six-year-old product and its young founder (only 26), but we all know things happen faster online. Most of us can remember a time before Facebook and social media were the buzzwords of the day, but the details are starting to get hazy and the lines that separated our online identities have blurred considerably. Social media is not just a game for college students anymore; grandparents and corporations use it alike, and unlike in the early days, real money is being made.

For my part, I knew the writing was on the proverbial Facebook wall when I read that North Korea joined Facebook. It didn't matter that they were subsequently removed, then rejoined (I wonder if that'll be a new form of cold war: nations unfriending each other). I had to accept the fact that a country mostly known for its decidedly unfriendly actions toward the world and its own citizens is more cyber social than me, one of the last people in the world not to be on Facebook.

Do you remember the days of floppy disks? How about CDs? With increasingly more powerful USB sticks available for cheap prices, and large amounts of online storage up for rent, most of us don't think twice about sharing huge files with each other. As smart phones grow in popularity, we'll probably see a move toward using them as portable storage devices for everything from movies, music, and games, to e-books and documents. You could potentially share your entire "library" with friends and coworkers.

But what about that new person you met at a conference? Or even someone you start chatting to on a bus? Would you share a storage device or open up your phone to a stranger?

Those of us who use the Internet for banking and commerce know the risks involved in such activities, or at least we think we do. USA Today has two articles up this morning about cyberscams and theft, one on the pitfalls of electronic banking and the other on a new scam targeting those hunting for jobs online.

With new hospital data breaches reported on HIStalk today (in Pennsylvania and Texas), one tipster grumbled that "The Achilles right heel of HIT is failed privacy. The Achilles left heel of HIT is failed safety and efficacy." Right now most of these breaches are due to stolen computers and devices (like laptops) that rely only on password protection rather than full encryption. As more medical transactions move online, whether for records access or billing and scheduling, the threats currently facing other electronic ventures will inevitably focus on the medical world (which is rich with sensitive, identifying information).

That's why it's all the more important that people keep active watches on their online identities and activities. Banks are turning to customers to become active participants in their accounts' safety. Be aware of strange online requests, emails, or even instant messages, and keep tabs on how much your profile is spending online. As for the employment scams, remember that old adage: if it sounds too good to be true, it probably is.

If you're tired of hearing about meaningful use, there are other important health-related news items from last week.

First, the Department of Health and Human Services (HHS) granted increased detection powers to the Medicaid Fraud Control Unit (MFCU) of Florida, a state notorious for fraud. Normally, state MFCUs may not use matching federal money to sift through Medicaid claims information (they instead wait for referrals from their state's agency). Secretary Kathleen Sebelius waived this embargo last week, allowing the Florida MFCU to work directly with the information as part of an early fraud prevention and detection strategy.

The Department of Health and Human Services (HHS) unveiled new rules and a website devoted to health data privacy last week. According to the press release, this update to HIPAA involves

• "expanding individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans.
• requiring business associates of HIPAA-covered entities to be under most of the same rules as the covered entities;
• setting new limitations on the use and disclosure of protected health information for marketing and fundraising; and
• prohibiting the sale of protected health information without patient authorization."

The website itself looks like a good compilation of resources relating to privacy, complete with a survey where you can give feedback to HHS on their work. I give kudos to the developer for getting that information in a single screen that's easy to skim (even if the survey picture looks very mid/late '90s). Check it out.