Is your data as secure as you assume it to be?
I recently saw an image on the Internet depicting the iconic “cloud.”
Under it, the caption read “there is no cloud; it is just someone else’s computer.”
I want to let that sink in, and get past the humor to what it means to how consumers connect to providers and payers in our increasingly Internet-based society. Due to overuse of the terms “cloud” and “cloud-based,” many computer users are lulled into complacency, thinking that Internet data and applications are somehow regulated by one giant cloud. It conjures up an image of a white bearded man that many of us pray to on Sunday.
Let’s start with the basics. Your computer has software that we call a “browser.” This software allows us to connect to computers around the world. Your browser software connects to a modem. The modem connects with a company that provides Internet service, an Internet service provider, or “ISP.” Your browser software creates packets of data, and sends them to your ISP through your modem. Your ISP forwards those packets of information to the Internet, where they are picked up based on the “address” in the packet.
What could go wrong? Well, all the other people connected to the Internet can read your packets of data. Recently, all the major producers of browser software required the data being passed back and forth to be encrypted using something called SSL, a Secured Sockets Layer. This means that data going back and forth from your computer to another computer can’t be read by anyone but you and the computer to which you connect.
Our current system assumes that the companies we connect to are using encryption, and no one is stealing our information. Users of data, including healthcare data, can be lulled into providing more data than they should, because the data is residing on a large omnipresent cloud instead of someone else’s computer. This whole issue has been pushed forward on steroids with the advent of blockchain technology.
Consumers need to ask their healthcare IT teams the following questions, when looking at electronic health records:
- Is it true (does the data reflect what you know?)
- With whom are you going to share my data?
- How long are you going to keep copies of my data?
Remember, as consumers, we make contracts on data use all the time – so take care of yourself out there.