The U.S. Department of Justice arrested 243 people this week for fraudulent activity in the healthcare system — and now many are asking questions about the future of healthcare, its security, and how technology is both a boon and a bane for ensuring against fraud. Attorney General Loretta Lynch said the bust that totaled over $712 million was “the largest criminal health care fraud takedown in the history of the Department of Justice.” And her words have sent a ripple through the healthcare tech industry — particularly as all eyes are on the growth of mobile and its integration into the world of health.
Last year, the Federal Bureau of Investigation warned against the potential for fraud in the healthcare industry and its technical vulnerabilities. The Bureau advised that the potential for cyber intrusions is even worse for healthcare than it is for the financial or retail sectors, and especially because health data is more valuable to hackers since it includes financial and classified identity-related information. While the 243 people arrested for fraud weren’t hackers — instead doctors and nurses — the money they were able to fraudulently accrue exposes the holes in the U.S. healthcare system and leaves many worried about its potential worsening as newer technologies are brought onto the scene.
As mobile tech slowly but surely becomes a more mainstream part of the healthcare industry, there will be more end points for vulnerability, more channels through which hackers can access personal information. More mobile devices means more avenues for cyber exposure. (Indeed, this week Samsung says it is addressing a flaw in all of its 600 million Galaxy smartphones that allows hackers to gain access to users’ devices.) Naturally, the concern is there for when millions upon millions of devices are equipped with health-related data that could be easily accessible to hackers — whose intent could be fraud, or worse.
And the U.S. isn’t the only country considering how to balance the integration of mobile into the healthcare scene. The European Data Protection Supervisor Giovanni Buttarelli recently released an opinion on mobile health, saying that there has to be a healthy blend of allowing new technologies onto the scene, while ensuring the protection of data. One of his suggestions for looking ahead to the proper regulation of mobile health (or mHealth) is to “enhance data security and encourage the application of privacy by design and by default through privacy engineering and the development of building blocks and tools.”
The game of seesaw here is fostering an environment for technological innovation for healthcare while ensuring the security and privacy of patients’ sensitive medical data. It is clear that — at least in the U.S. — provisions must be in order to better safeguard against fraud in general, and even more so at the deep level of cyber activity.