Experts: Medicare computers can be hacked
Experts: Medicare computers can be hacked
Private contractors should be monitored
The financial data and patient records of 39 million Medicare beneficiaries stored on computers throughout the nation’s health care facilities are not secure, according to security experts who testified recently before Congress. The records are vulnerable both to outside computer hackers and unscrupulous workers with access, the security experts said. They told a House investigative subcommittee that the Centers for Medicare and Medicaid Services (CMS) should exert more control over private contractors who run the agency’s computer networks linking providers and insurers with CMS’ headquarters in Baltimore.
CMS recently improved some computer security measures, but Joseph E. Vengrin, assistant inspector general for audits at CMS, says there still is a lot of room for improvement. In particular, CMS cannot guarantee the security of passwords among employees with access to sensitive medical and payment information, he says. CMS contracts with private companies such as IBM and AT&T to administer its nationwide computer network.
"We remain concerned that inadequate internal controls over Medicare operations leave the program vulnerable to loss of funds, unauthorized access to and disclosure of sensitive medical information, and malicious changes that could interrupt data processing or destroy data files," he says.
Vengrin’s office issued a report showing that computer programmers working on the system had access to payment records and medical information — information they did not need and should have been barred from accessing. Another investigation performed by a private security firm showed that hackers could access CMS’ network through the agency’s web site.
The good news is that the risk seems theoretical, so far. Neither the agency nor its contractors has ever had an outside break-in that threatened the security of sensitive information, says Jared Adair, CMS deputy chief information officer. Adair says CMS recently doubled to 60 the number of people dedicated to computer security, and the agency has asked Congress for $30 million to improve security.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.