A win-win for the patient – and clinician and hospital

hctablet_5.jpg

It’s a perennial complaint – especially by patients with serious medical conditions requiring ongoing treatment – that they see themselves losing control of the situation in which they find themselves.    To that are added 2 principal concerns.    First, how is the whole situation going to be “managed” from a financial perspective?- a la the cost of treatment, inability to earn income, attending to daily routine matters, etc. etc.   Secondly, and no less importantly, patients are frustrated by medical and hospital record-keeping systems being inadequate with the result that things simply “fall between the cracks” .  The patient’s needs are then often not appropriately addressed.

Leaving to one side that the “system” is simply not geared to assist patients in the myriad of ways they might need apart from their medical requirements – think, for example, securing financial advice, obtaining legal advice and getting documents such as powers of attorney (medical and otherwise) prepared and how is the whole situation in which the patient finds her or himself to be dealt with domestically from a practical point of view – the starting point for any patient should be taking control of their own medical details and records.

For a patient embarking on cancer treatment (which may be for many months, being pregnant or ongoing heart issues) the ability to effectively communicate and inter-act with their clinician or hospital must see a win-win for both patient and the medical “side”. Keeping a diary might be one thing, but being able to provide the medico or hospital with a short spreadsheet-like document which succinctly records how the patient has been “doing” and questions and comments can only be a plus in the “management” of the patient.

What needs to be remembered in all of this is that medicos and hospitals are busy and record-keeping at both are far from ideal, let alone readily accessible – and the patient in an unfamiliar milieu apart from likely suffering from poor memory (what was I going to “report” and ask?) and white coat syndrome.

HealthBank provides the perfect solution for the patient to present at a clinician or hospital armed with important information, comment and questions.       Easy to print out or even email ahead of a consultation or hospital visit.     In addition to this practical way of assisting the patient in her or his inter-activity with the medico or hospital, is the ability with LifeBank to have one’s medical information and reports at immediate hand.    To rely on the medico or hospital to have it is being unduly optimistic.       Let FierceHealthcare have the last word on the subject of electronic health records:

“But EHRs [Electronic Health Records] -the cornerstones of HIE and interoperability -are still faltering. The systems still can’t adequately support patient safety research, despite their vast repositories of data, a recent study found. The researchers were unable to access some of the data, the data itself was too variable to make automated comparisons and IT personnel had competing priorities, most notably the Meaningful Use program requirements and EHR upgrades. While patient improvement research should be a priority, the researchers stated, it’s not.

Then there’s a scathing viewpoint article from doctors at Stanford University School of Medicine and the VA Palo Alto Health Care System in Menlo Park, California lamenting that while physicians are increasingly dependent on EHRs for diagnosis, monitoring and treatment in this ever more complex clinical environment, the software systems don’t support them. EHRs, they said, haven’t kept up with the technology, can’t integrate generalized information about patients at risk, don’t include social and behavioral factors and are overloaded with alerts and workload interruptions.

The authors added that EHRs were built for billing, not treatment, that doctors are “building resentment” against the “shackles” of EHRs and that “every additional click inflicts a nick on physicians’ morale.” Ouch.”

 

 

 

 

Sage advice

If the greatest generals ever in history were looking at the overall objectives and considering the most appropriate strategies to meet their ends, they would firstly agree today’s problem is that the internet is at risk of imploding (45% no longer bank or shop online) due to a breakdown of Trust (being at an all-time low at 41% with banks in the UK, for example) due to concerns about online Privacy (number one concern for 92%).  Their objectives therefore would be to address the Privacy issue, restore Trust, and ensure the promise of the internet delivered global growth.  They would review the tactics deployed to safeguard Privacy and come to the conclusion that security has not and will not work – they would have some messenger explain to the Command in Chief or Royalty (if not directly involved) that the governance regime agreed with Data Protection legislation was not driving the right tactical behaviour.

Most importantly, the generals would ensure that they moved online private data somewhere safe, offline.  That would be the key to their strategy.  They would deploy the most impressive weapons in the War for the Internet (or War of Independence II) to ensure that the outcome of their strategy was realised.  They would ignore the advice from the security pedlars and take matters into their own hands – they would be the leaders that made them originally stand out.  They would ally themselves with LifeBank.

Following on from the Press reports of Windows and Android vulnerabilities last week, the battle against Cloud hackers seems to be losing ground again as Oracle’s payment software as well as Sage accounting software were also breached in the last week.  The latter exposes some 280 UK firms.  Add that together with Cryptolocker ransomware that this week affected a Cloud-hosting provider of one accountancy business I know that has since rendered the business out of action…. well, it’s not pretty reading.

Our tactics have been wrong from the outset.  We have relied on defences that don’t work – I’m talking about security measures to (a) safeguard private data, and (b) be compliant with data protection imperatives.  If we wish to defend the rights of individuals within our community so that their Privacy is not compromised,  let us change the strategy.  We should continue to do the security stuff, because that will keep the hackers distracted from our real intent, whilst using up their limited resources doing their ‘hacking thing’ but which will proffer them nothing.  Indeed, we should continue to take out cyber insurance – it’s not expensive, and it provides the Board peace of mind.

The generals in today’s world are the captains of industry, CEOs, and head of public bodies that are charged with defending us and our investments.  The best weaponry available in their armoury is LifeBank.  The accountancy business in the above ransomware example had not realised that the security provision was defective, as indeed are they all – despite the ongoing warnings.  But like a true general, said business has now taken steps to engage with LifeBank and beat the hackers.

I would be foolish to tell the hackers how LifeBank will defeat them.  We are perfectly happy with the strategy that hackers are following and we are happy for them to waste their resources in the future.  We don’t want hackers to change their strategy.  Suffice to say, by deploying LifeBank, hackers will not have access to private data.  And suffice to say, LifeBank is a lot more affordable than the imperfect security weaponry, and more easily deployed, ongoing, for ever.

LifeBank ensures that today’s generals limit their collateral damage.  Small pockets of the population are already showing their gratitude.  Increasingly customers and employees are urging generals to take the right course of action.  The enterprising generals – the real leaders – are engaging with LifeBank, winning their battles, and realising their objectives. Email info@lifebanksystems.com today (or follow @NomadSquire on Twitter) for more information, but bear in mind that most wars are won through excellent communications, so share this post, email it, and spread the word.  Long live the internet!

Securing one’s health…..plus a “lifesaver”

We are all familiar with the saying “health is wealth” – in the sense of that being well is something valuable.    But, on one level, your “health” may be challenged in ways you might not have thought about.  For instance, identity theft, or a record of your health having been hacked at some third party and  “out there” for all the world to see.

“Sixty-two percent of baby boomers, in fact, use technology to access their health records, while 50 percent engage with health IT tools to request prescription refills, and 43 percent to ask their providers care-related questions.

When asked what was the preferred platform of interaction with a medical group, 35 percent listed online patient portal; phone calls, 29 percent; emails, 21 percent; mobile application, 8 percent; and text messaging, 7 percent.”

                                                                                                                                   HealthcareITNews

All well and good harnessing technology as some seem to want to do.      But reflect on the vulnerabilities where details of your health might be captured.

90.jpg

And this can hardly give one any comfort:

“The Federal Bureau of Investigation sees increasing pressure from hackers trying to access patient information from providers.

Recent events suggest that the pressure may be rising, as offers to sell patient records with protected health information on the “Dark Web” market represent a new level of threat for healthcare organizations trying to protect health information.

In late June, a hacker known as “The Dark Overlord” reported the theft of nearly 10 million patient medical records from providers and a major insurer and put them on the Dark Web market where hackers conduct buy and sell data taken from a variety of sources. As of this writing, the records have not been sold, and the seller may be having trouble selling the treasure trove of protected health information.”

HealthDataManagement  

But it gets worse:

“Market pricing on the Dark Web in 2016, according to cybersecurity vendor Clearwater Compliance ranges up to $60 per complete medical record.

With this new market comes another new threat. Hackers can go through the records they have stolen, identify healthcare CEOs and other top leaders who have medical records they would not want to see made public, and blackmail them, Cunningham warns.

Despite that scenario and other threats, he doesn’t see the healthcare security environment changing much. The politically correct answer would be to say that security efforts will change drastically with providers and payers locking down their systems and encrypting data to the point where a thief cannot steal data even if he or she gets into the systems. The reality, Cunningham bemoans, is that the theft and sale of data will be an increasing concern that healthcare organizations will need to deal with.

Understaffed and underfinanced healthcare information technology and security units are simply overwhelmed with cyber threats; they mediate one threat and move on to the next, but don’t have the training, manpower or money to go as deep as they may want to or should. They’re just hoping their organizations “don’t end up in the newspapers,” Cunningham says.”

HealthDataManagement

 

One might well ask what the individual can do.    Simply acquire…. and use HealthBank – a totally secure data key, recording all of one’s personal medical information (totally encrypted if desired) totally off the cloud.

Securing one’s medical information on a data key retained in one’s possession will provide peace of mind.  But there is another material benefit too.     A potential “lifesaver”, as the Mayo Clinic describes it……

“Having a personal health record can be a lifesaver, literally. In an emergency you can quickly give emergency personnel vital information, such as a disease you’re being treated for, previous surgeries or hospitalizations, medications you take, drug allergies, and how to contact your family doctor.

 A personal health record not only allows you to share information with your care providers but also empowers you to manage your health between visits. For example, a personal health record enables you to:
  • Track and assess your health. Record and track your progress toward your health goals, such as lowering your cholesterol level.
  • Make the most of doctor visits. Be ready with questions for your doctor and information you want to share, such as blood pressure readings since your last visit.
  • Manage your health between visits. Upload and analyze data from home-monitoring devices such as a blood pressure cuff. And remind yourself of your doctor’s instructions from your last appointment.
  • Get organized. Track appointments, vaccinations, and preventive or screening services, such as mammograms. In fact, a recent study found that when parents used personal health records for their children, the children were more likely to get their preventive well-child checkups on time.”

 

War of Independence II

The sequel to the War of Independence is out now.  Not in cinemas, but playing out on the world’s stage.  The War of Independence II is not being directed by some well known Hollywood or Bollywood director, but by individuals.  And it’s not cameramen that are recording events, but internet reports.  The players are not paid actors either, but real people – you and me.  There’s no make-up… the wounds and scars are all very real.  And the entire epic is being well publicised by the world’s Press on a daily basis.  Pundits with a point of view are not your traditional movie reviewers, but captains of industry.  The audience are also the cast.  The genre is reality.

Like the original War of Independence (WoI) between the UK and the US 240 years ago, the WoI II continues the theme of a backlash against the elite and the fight for our Rights.  Descendants of the first WoI are following their forefathers by taking up positions and digging in for a long fight, perhaps for as long as the first (8 years).  Already, similarities to the strategy and tactics of the first WoI are being played out with small-scale skirmishes as well as fixed battles.  So, let’s have a look at the story so far.

On the one side of WoI II are the corporates, governments, and the hacking community, all separate entities, but certainly fighting for the same ends: control of the internet and access to the world’s most powerful commodity today: data… because with Big Data (including data science and analytics), data is the source that represents today’s Economy due to the potential for insights and knowledge that lead to power and money – the Internet Plc is the battleground.  On the other side, again in no loose alliance per se, are the 3 billon users of the internet.

War has been declared.  The year is 2016.  It’s a war of the internet.  It’s a war of individuals.  It’s the second War of Independence.

One strategic play underway is government’s approach to the necessary governance that dictates how data is controlled.  There are a plethora of regulations, directives, and legislation, from the Privacy Shield (replacing Safe Harbor) to the EU GDPR and individual countries like the UK with their Data Protection Act… not to mention various Bills, Acts and the like covering State-sponsored surveillance.  At the heart of the objections raised by concerned citizens, pressure groups and lobbyists are issues to do with our Rights vis-a-vis Privacy.

From this governance falls the unique interpretations by commercial bodies, such as Privacy Policies, which few can afford to challenge in the Courts – issues here include the EU’s “right to be forgotten”… the operative word being right.  As the Australian Privacy tzar put it recently, “While it’s encouraging to see that … appropriate privacy notices were consistent with their practices, it’s important (to) understand the bargain we strike with a retailer when we join a loyalty program.  There’s no such thing as a free lunch, nor a free flight. The data that loyalty programs collect is valuable, and personal.  So in this case, there is a price for the rewards from these programs.”  What might be sold to us consumers as ‘opt-in’ is actually implicit, not explicit – take, for example, all the Terms & Conditions we have to Agree to (because governance dictates it), yet nobody has the time to read them.

And then there’s the Hacking Economy.  Our private data vicariously flying around the internet, from our devices to the online servers where companies and governments also store our Private data, all being hacked and sold on to the highest bidders.  And then this Private data is further being collected by aggregators for further commercial (or surveillance) value.  We absolutely recognise that if we leave any kind of digital footprint behind, it’s there forever, and connections with all of our single footprints is being made.

From the consumer side of the battle, there is no organised resistance.  However, individually, we all seem to be behaving and reacting in fascinatingly similar ways, which embodies in a unified mass surge of defiance.  We have started to vote with our feet in defence of our Right to (online) Privacy.  According to the 2016 Internet Trends report, “74% have limited their online activity in the past year due to Privacy concerns.”  Worse still, the NTIA found that, “45% … stopped conducting financial transactions, buying goods or services via the Internet.”  And the reason cited?  “92% are worried about their Privacy.”

So, what’s the best way to win the war?  Individual skirmishes are all very well, but we need to make alliances with powerful players.  To that end, it is helpful that the Chief Economist of the Bank of England has recognised the ‘Great Divide‘ – the chasm that is separating banks and the little person on the street with our concerns of Privacy that have led to a breakdown of Trust.  If we can ally ourselves with the big commercial institutions; if we can persuade them that they need to change their fundamental approach to transacting online, addressing our Privacy concerns; and if we can organise ourselves, then we stand a chance of winning back our Right to Privacy, and the WoI II can be won.  If we can’t, the promise of the internet will implode – and if that happens, there will be no winners.

The successful outcome of any war depends on good logistics and a health supply chain.  To a certain extent, it’s a numbers game, and the numbers certainly seem to stack up.  But troops who feel that they are fighting alone (or actually are fighting alone) will soon starve.  So, that’s where LifeBank comes in.  The industrious LifeBank leaders have produced a capability that reaches out to every internet user – the weapon that LifeBank has manufactured is powerful in its own right, giving individuals the ability to organise themselves (so they can enjoy life, assured that their life is all in good order); but it also serves as the mechanism to store all their Private data offline, allowing them the custodial control of which parts of their Private data they wish to share, when they wish to share it, and with whom they wish to share it.

In essence, it returns the power back to the individual.  Our Right to Privacy is then back in our own hands.  If we choose to explicitly opt-in to dilute our individual power, then it’s our choice, not the choice of hackers, the government or commercial enterprise.  But here’s the important part – it also provides an approach to create strategic alliances with those organisations that recognise the Great Divide, who genuinely want to rebuild Trust, so that they can maintain healthy relationships with their customers and keep one step ahead of the competition.  It allows companies to provide the facility to transact with loyal customers.  The LifeBank approach starts with an audit of the very Private data that is our number one concern that sits within the connected servers of the enterprise… an audit that includes a consolidated report on the commercial risks that the business is exposed to.  Then it sets out a simple point-by-point plan to rectify the problem, including full support in executing the plan, starting with the low-hanging fruit.

If you want to win the WoI II, it’s time to engage proactively.  For further reading, follow @NomadSquire on Twitter.  To get involved right now, email info@lifebanksystems.com – who knows, your decision today could make the world a better place for us all tomorrow.

Trust!….or should that be, can you trust them?

the-trust-paradox-trusted-advisor-status-hurts-accountants.png

Look at the above words….and reflect on them.    Who do you trust?   Your bank?  Probably not!    Your insurer?  – health or otherwise.    Unlikely?    Then add the various entities with whom you have contact – for example, your employer or the people from whom you make purchases on line.   The people who store the data containing all your personal details?  – financial, health and personal.

If you think about it, you are entrusting to third parties – for example, your bank, your medico, the medical facility you attended, your insurer, your employer and many, many others – a goldmine of personal and critical information about yourself.     Do you really believe that these third parties safeguard that information?

Bottom line, there is absolutely no reason to trust any of the above notwithstanding all the entreaties to us to do so.       Just remind yourself of this:

  • from KevinMD:

Some say privacy is an illusion. I hope that isn’t true, but I do know that our medical records are not safe. Why should you care? Because our medical records contain our social security numbers, health insurance information, our home addresses, phone numbers, emergency contacts and their phone numbers, our email addresses, possibly our driver’s license numbers, and likely credit card payment information. Ever paid your co-pay with a credit card?

Your medical record is worth ten times more to a cyber criminal than your credit          card number. And with health care’s mandatory transition to electronic medical records, cyber thieves have taken full advantage.

If you think major institutions are immune to cyber attacks, think again. You might recall the cyber attacks on our U.S. government. One in particular compromised personal information on 22.1 million people and 5.6 million fingerprints were stolen.”

 

  • from KrebsonSecurity:

“In January 2015, the FBI released stats showing that between Oct. 1, 2013 and Dec. 1, 2014,  some 1,198 companies lost a total of $179 million in so-called business e-mail compromise (BEC) scams, also known as “CEO fraud.” The latest figures show a marked 270 percent increase in identified victims and exposed losses. Taking into account international victims, the losses from BEC scams total more than $1.2 billion, the FBI said.

“The scam has been reported in all 50 states and in 79 countries,” the FBI’s alert notes. “Fraudulent transfers have been reported going to 72 countries; however, the majority of the transfers are going to Asian banks located within China and Hong Kong.”

  • from The Age newspaper:

“Hackers hoping to steal people’s financial details are moving away from targeting banks and are instead focusing on the big online stores.

According to the Norton Cybersecurity Insights Report, more than $1.4 billion was lost to cybercrime in 2014, with more than four million Australians impacted.

Mark Gorrie, director of Norton by Symantec in the Pacific region, said there has been a noticeable shift in cybercrime trends, with ransomware also becoming more common.

Ransomware – also known as online extortion – is the means by which someone’s files or photos are hacked into and held until money is paid for their release.

Ransoms can run to hundreds of dollars, and, Mr Gorrie says, people have “no guarantee their files will be freed”.”

 

  • from The New York Times:

“Americans highly value the privacy of their personal information and communications, but they have little faith that the government and private companies will actually protect their data, according to a report to be published Wednesday by the Pew Research Center.

The survey research, conducted online in 2014 and early 2015, found that more than nine in 10 adults said that controlling who gets access to their private information and what information those people can see is important to them. But half of the people surveyed felt they had little or no control over their data.

Nearly two-thirds of the people surveyed said that the current limits on telephone and Internet data collected by the government were inadequate, even when the government says such information is needed to combat terrorism. Earlier this month, a federal appeals court ruled that the government’s current bulk collection of telephone data is illegal. The House has voted to change the program to keep such data with the phone companies until the government requests it, and the Senate is expected to consider the legislation soon.

It’s not just the government that Americans don’t trust. Corporations fared no better in the survey, with 76 percent of adults saying they had little confidence in online advertisers to keep their information private.”

 

Discomforted by the above, you rightly ask yourself what can you do to protect yourself from the fallout from cybercrime or being held to cyber  / computer ransom.

At no more than a very modest cost, you can take control of your private data – and minimise reliance on all those third parties who tell us to trust them but have shown to be vulnerable to cyber crime – by getting yourself LifeBank or HealthBank.    A straight-forward data key which securely records, fully encrypted, all your personal data.    It’s that simple!

 

Paradox for sale

There’s a new drug on the market – it’s called Paradox.  As you might expect (the clue is in the name), it’s no ordinary drug… it dispenses an effect quite the opposite to what you would have anticipated.  It’s not a drug you can buy over the counter; well, unless you recognise the internet equivalent.  And this drug is so potent, you’re probably surprised you’ve never heard of it.  And yet, this drug is now the most common administered substance available online – you undoubtedly will have consumed it already, without you knowing it.

Intrigued?  I was too.  And, more to the point, the more Paradox I take, the more intrigued I become – you think you are getting better (that’s why we take medicine), but you just keep getting worse.  When the internet started, Paradox wasn’t available.  After all, the internet brought high hopes: economies of scale to be had; new markets to grow into; and different ways of doing things… millions of them.  Paradox wasn’t needed.  We even constructed standards to abide by.  We built security protocols to be proud of.  And yet the bigger the internet became, and the more we wanted to consume data, the more we found ourselves in need of Paradox.  There are now 3 billion patients globally who take Paradox on a daily basis.

When a doctor says, “this will be good for you – it will make you better,” we believe them.  When the largest IT companies in the world tell us, “the internet will bring you prosperity and longer lives,” we put our faith in the message.  We don’t ask the doctor if the drugs have been tested – we unequivocally accept their discipline and the government regulations to ensure doctors and pharmacists have only the best drugs available.  And the same is true for IT – we believe that security measures are second to none, whilst government regulations will protect us.  But… whereas the health sector has proven its worth, IT has created a new health drug, Paradox.

Every private, public and government organisation under the sun has embraced IT, which has fed their very soul to the extent that all these enterprises, firms, businesses, and public bodies have forgotten why they existed in the first place.  They exist to serve us, the punters, the patients, the consumers, the customers, the voters, the citizens, the individuals.  And now we are so high on the promise that we need a little Paradox to bring us back down to earth.  But that’s the thing.  The more Paradox we take, the higher we get on our internet fix, and the more Paradox we need.

What happens when IT security fails?  We spend more money on it.  And when it fails again.  We do the same.  And so on, ad infinitum.  We are told everything will be all right.  We take a good dose of Paradox.  And whenever we buy this wonder drug, we don’t just feed ourselves, we feed the very corporates that we all work for, as well as feeding all the organisations that we transact with.  We all get high – every person and every body corporate.  No matter how absurd the reality, research shows this to be true.  Paradox, a remarkable elixir.

Well, Dr IT – you are not a doctor.  Everything will not be all right.  The problem is that the price of Paradox has become too expensive.  We have realised that we are starting to pay for it, not with money any more, but our rights.  Our right to Privacy, Trust and Confidentiality.  Paradox has become a self-feeding parasite on society.  The issue is that whilst we common folk have recognised it for some time now, the companies and governments that peddle the internet have not realised what has been going on.  And we have lost faith in the promise of the internet.  Organisations have now lost our Trust.  And yet, the Paradox drug is evermore present.

What happens when faith and trust disintegrate?  Hope itself becomes forlorn.  The great expectations of growth and wealth – the economy – has a seizure.  And despite this happening right now, right under our noses… despite three quarters of us crying out for reason… despite all the Press about this addictive drug, Paradox – we are ignored.  The Chief Economist for the Bank of England has realised the risk in his Great Divide speech.  The question is: what’s the antidote to Paradox?  The answer: more Paradox.

The symptoms are clear.  Private data sitting on the internet is causing angst.  The previous medicine was security, perhaps with a dose of cyber insurance.  All perfectly reasonable temporary preventative measures.  However, the illness at best becomes dormant, till the next eruption.  To really deal with it, take some Paradox… take the private data off the internet.  As unbelievable as that sounds, it will work.  Putting private data back in the hands of the owners, who should have custodial control of it, will fix the problem.  Forever.  Don’t withdraw Paradox – sell more of it.. but with clear packaging that explains how to take the medicine.  As the old Mary Poppins song goes, “with a spoonful of sugar.”  In this case, the sugar is LifeBank.

Use one of the internet’s greatest tools, email, to find out more about how LifeBank should be administered with Paradox… info@lifebanksystems.com – failing that, follow @NomadSquire on another superb digital tool, Twitter.  Share this blog posting too.  Let’s get a fever going, and let the Paradox drug and LifeBank work their magic.

Our #1 Concern

For over a decade and a half, we have ignored surveys about Privacy… back in 1999,  the AT&T survey Beyond Concern: Understanding Net Users’ Attitudes About Online Privacy found “87% stated they are concerned about threats to their personal privacy while online“.  Today the findings have not improved, from the US to Canada where “nine in 10 Canadians were concerned about privacy” and the UK where “the 2015 edition of the TRUSTe Consumer Confidence Index confirmed that concern about online privacy is increasing – 92% of Internet users are worried about their privacy when surfing the net and concern is on the rise“.

The 2016 Internet Trends report by KPCB reinforced the concern:

  • global internet users @ 3B
  • 4 billion data records breached globally since 2013” and
  •  “74% have limited their online activity in the last year due to Privacy concerns

What’s worse is, because we have ignored the Privacy concerns for so long now, we are now starting to vote with our feet… according to data collected for the NTIA in 2015 by the U.S. Census Bureau “45% of online households said their concerns about security and privacy stopped them from conducting financial transactions, buying goods or services, posting on social networks, or expressing opinions on controversial or political issues via the Internet.

It would seem that with the abundance of Data Protection legislation around the world, the problem is therefore one of security – i.e. it’s an issue of protecting data.  This is a fallacy.  Just because you can say that you are compliant with Data Protection regulations, does not mean that you are adequately addressing our concerns about online Privacy.  Not only that, there is a tremendous rise in costs for implementing security and cyber insurance measures to counter the Hacking Economy, never mind the average costs of $7m in dealing with data breaches.

Andrew G Haldane, the Chief Economist to the Bank of England in his Great Divide speech provides inspired insight in summing up the overall risk to the global economy very effectively – there is a great divide between the silent majority who are no longer using the internet and the vocal minority of businesses who continue to insist their model is right and consistently fail to identify with the silent majority… Haldane emphasises trust:

Evidence has emerged, both micro and macro, to suggest trust may play a crucial role in value creation.  At the micro level, there is now ample evidence the degree of trust or social capital within a company contributes positively to its value creation capacity.  At the macro level, there is now a strong body of evidence, looking across a large range of countries and over long periods of time, that high levels of trust and co-operation are associated with higher economic growth.  Put differently, a lack of trust jeopardises one of finance’s key societal functions – higher growth.

The problem is not about security (and data protection) – the problem is about trust and Privacy, and the fact that our private data is online… if private data were offline, there would be no problem.  Therefore, taking private data offline is the solution.

But it’s only part of the solution.  Because the internet needs to continue to grow, organisations will need private data from time to time to allow transactions to occur.  And, this is not an alien concept to us users either… according to a Rock Health survey, “90% agree they should be in control of who has access to their health data“, and according to Pew Research Centre surveys, we “also value having the ability to share confidential matters with another trusted person.  Nine-in-ten (93%) adults say this ability is important to them.

The options that address both above requirements (taking private data offline, whilst giving individuals their custodial control to able to share it online with whom, when, and where the user chooses) are limited.

  1. do nothing – it’s always an option worth considering… do nothing is tantamount to saying, “carry on what you’ve been doing for the past 15 years.”  Just spending more on security, or proving you are compliant with Data Protection legislation, or taking out cyber-insurance, whilst all necessities, will not fix the problem, as evidenced by the issue that Privacy remains just as high a concern as it was back in 1999.  “Do nothing” is not an option.
  2. revert to pre-internet days – drastic as that might sound, that’s precisely what 45% of online households are already doing when they said their concerns about security and privacy stopped them from conducting financial transactions, buying goods or services via the internet!  Organisations cannot afford to allow this to continue given the enormous investment that has been made in digital, cloud, online strategies.  “Revert to pre-internet days” is not an option.
  3. transfer online private data to LifeBank – essentially this means giving private data back to your customers and your employees, and removing it completely from your online or cloud systems.  Then both customers and employees will not be concerned that their private data is online anymore, trust will be restored.

As Haldane put it, “So a lack of trust in finance potentially hobbles both economic growth and financial stability.  That lack of trust is the mirror-image of the perception gap between the financial sector and wider society, the Great Divide.  The Great Divide matters because it signals a pronounced and protracted erosion of social capital. It puts finance on notice for losing its social licence. And, unaddressed, that jeopardises future wealth and well-being.

By restoring trust and giving individuals back their Privacy, the online economy promises to revive.  By ignoring the concern of trust and Privacy, we fail, spectacularly.

LifeBank provides a Privacy Audit that reviews the risk of this Privacy issue to your business.  LifeBank helps you consider the options and alternatives for a roadmap that focuses on rebuilding trust and resolving the number 1 concern of Privacy.  And LifeBank will guide you on every step of the way.  Nobody takes Privacy more seriously.

Email info@lifebanksystems.com today to start the discussion.

 

It all seems an unholy mess!

We are all pretty much captives to the internet.     There is no gainsaying that without access to emails or using the internet in any numbers of ways, life would be a tad more complicated.    However, we are all confronted with critical issues in all of this, not the least, where do we, the individual, stand, not only as users, but whose personal  details, are in the main,”out there” on the cloud.

“Every day, billions of people around the world use the Internet to share ideas, conduct financial transactions, and keep in touch with family, friends, and colleagues. Users send and store personal medical data, business communications, and even intimate conversations over this global network. But for the Internet to grow and thrive, users must continue to trust that their personal information will be secure and their privacy protected.

NTIA’s analysis of recent data shows that Americans are increasingly concerned about online security and privacy at a time when data breaches, cybersecurity incidents, and controversies over the privacy of online services have become more prominent. These concerns are prompting some Americans to limit their online activity, according to data collected for NTIA in July 2015 by the U.S. Census Bureau. This survey included several privacy and security questions, which were asked of more than 41,000 households that reported having at least one Internet user.

Perhaps the most direct threat to maintaining consumer trust is negative personal experience. Nineteen percent of Internet-using households—representing nearly 19 million households—reported that they had been affected by an online security breach, identity theft, or similar malicious activity during the 12 months prior to the July 2015 survey. Security breaches appear to be more common among the most intensive Internet-using households. For example, while 9 percent of online households that used just one type of computing device (either a desktop, laptop, tablet, Internet-connected mobile phone, wearable device, or TV-connected device) reported security breaches, 31 percent of those using at least five different types of devices suffered this experience”.   

National Telecommunications and Information Administration, Department of Commerce.

But it doesn’t end there.     Now, our medical data is ever more vulnerable to being “out there” as hospitals are either using the cloud for storage of data – or more likely than not, the medical facility being hacked.

“Some say privacy is an illusion. I hope that isn’t true, but I do know that our medical records are not safe. Why should you care? Because our medical records contain our social security numbers, health insurance information, our home addresses, phone numbers, emergency contacts and their phone numbers, our email addresses, possibly our driver’s license numbers, and likely credit card payment information. Ever paid your co-pay with a credit card?

Your medical record is worth ten times more to a cyber criminal than your credit card number. And with health care’s mandatory transition to electronic medical records, cyber thieves have taken full advantage. If you think major institutions are immune to cyber attacks, think again. You might recall the cyber attacks on our U.S. government.”

Kevin MD.com (27 May, 2016)

And then there is this:

“So many hacks occur every week that you can barely remember them all. Which is the most recent? How much data was stolen? Are there common underlying trends? Here you’ll find a short recap of the biggest data breaches and hacks in the past six months and the aftermath that often affects your daily digital life without you even knowing it.

This past March, 360 million MySpace passwords (and 427 million LinkedIn IDs) were traded online, representing approximately the population of North America. These two cases turned out to have similarities when the authorities discovered data was stolen years ago, but only came to light at the beginning of the year. These breaches exposed both current and former users of these social networks, and as a solution, MySpace reset the breached passwords. Still, there’s always a risk when people use similar passwords for other websites.”

Cédric Jeannot, PhD via Linkedin

Let the illustrious Harvard Business Review have the last say on the topic:

“Cybersecurity has become one of the CEO’s biggest worries, according to several surveys. Companies are investing billions in protecting their systems and training their employees. The worldwide cybersecurity market has been estimated at $77 billion in 2015 and will be $170 billion by 2020. However, the field has mostly focused on protecting systems from vulnerabilities in software and hardware. Today’s threats are no longer confined to those two places. As organizations have come to rely more and more on data-driven algorithms, risks are increasingly present in the data itself.”

If the above isn’t enough to cause one a headache and ponder what one can do to at least ensure that as much of one’s personal data is maintained for and kept to oneself – and off the cloud – LifeBank, HealthBank and BusinessBank affords the #1 answer for the user.      The user can determine to what extent they will collect and protect their data using the LifeBank, HealthBank or BusinessBank system.

 

 

 

 

 

 

 

Even the “great” Mark Z got caught

Passwords, credit card numbers, log-in details, passport numbers, a variety of account numbers, important telephone numbers, home and garage security pad numbers, etc. etc. We all have them.  They seem endless -and if we aren’t careful they will be “exposed” to the world.   There goes our privacy!     It is no wonder that a staggering 96% of internet users – a number exceeding 3 billion in the world – now count privacy as their prime concern about the internet.

Even the big and “great” – no lesser personage than Mark Zuckerberg of Facebook fame – has been wanting in what password he uses.    Would you believe it?    The Age newspaper reports:

“Chances are, you’re using the same password for multiple online accounts — or maybe recycling two or three that are easy to remember. You’re only human, and even super humans are known to commit grave password crimes.

This week Facebook chief executive Mark Zuckerberg was caught out not only using a very weak password for social media logins, but using it across multiple accounts (though not Facebook).

His password — don’t laugh, it’s “dadada” — is believed to be among millions that were leaked by hackers online following a massive breach of LinkedIn.

The Age piece goes on to make more than a valid point…..

“Why is it that we continue to ignore best practice in the face of rising hack attacks and online identity fraud?

‘Crazy’ number of logins

The answer is likely in the increasing number of online accounts we need just to go about our daily lives — from social media profiles to banking, email, subscription services, websites (many of which you’ll never visit again) and more.

“It’s completely going crazy … it’s gone mad,” says Asha Rao, associate professor of information security at RMIT.

“Almost every website you visit, if you want any kind of info, they ask you to sign up.”

Estimates of how many accounts the average person has vary; but what’s clear is the number is growing.

In 2007 Microsoft put the figure at 25, with people recycling the same six or so passwords across accounts.

Fast-forward nearly a decade, and Dashlane (which, yes, makes a password management app) reckons today we each have upwards of 100 accounts. Its data suggests the number of accounts we have doubles every five years. Yikes.”

Like it or not, hacking and the lack of security in relation to using the internet will increase despite attempts – and not all that valiant ones at that – to arrest the problem of hacking and cyber ransom.     Perhaps with a sense of the dramatic look at what The New York Times reports, just today, in “A Russian Cybersleuth Batttles the ‘Dark Ages’ of the Internet“…

“A sense of menace stirs right off the elevator on the fifth floor of Kaspersky Lab’s Moscow headquarters, where a small television screen displays cyberthreats occurring in real time around the world — a blinking, spinning, color-coded globe brimming with suspicious emails, malware and evil botnets that could be infecting a computer near you.

That feeling of unease intensifies when Eugene V. Kaspersky — the stocky, garrulous, 50-year-old founder and chief executive of the global computer security company — begins to catalog possible threats: The computerized elevator you just left is vulnerable to cyberattacks, as are your smartphone and smartcar. Your bank, without question. Your electricity and water supplies could be at risk. Cybercriminals grow smarter, bolder and more elusive every year.

“We are living in the middle cyberage, the dark ages of cyber,” said Mr. Kaspersky, whose modest corner office with glass walls overlooks a stretch of canal and a boat club. He has longish salt-and-pepper hair, a trim beard and a ruddy, tanned complexion. “Right now, it is more functionality, more technology, more services, but not enough security.”

Kaspersky Lab is most famous for being the home of the brainy geek squad that exposed Stuxnet and Flame, the American-Israeli cyberweapons that disrupted Iran’s nuclear program.

Mr. Kaspersky and his company find themselves at the forefront of the battle against cybergangs, one of the largest emerging threats, for two rather simple reasons, he said: “Russian software engineers are the best; unfortunately Russian cybercriminals are the best, as well.”

Hacking methods developed in the Russian-speaking world are going global, suggesting a thriving black market in malicious code. “They don’t just hack the victims, they trade the technology to other gangs,” he said. “Now there are hundreds of victims, in the United States and Asia.”

One gang alone is believed to have stolen up to $1 billion from banks, mainly in Russia, in 2013 and 2014. And this month, Kaspersky Lab experts helped Russia catch its largest hacking gang yet — 50 people were arrested and accused of stealing $45 million since 2011. Investigators now believe the North Korean government hacked an international financial messaging system in February in an effort to drain $1 billion from the central bank of Bangladesh. They managed to get $81 million before the Federal Reserve Bank of New York became suspicious and cut off the transaction.

After banks, commodities are a big new target. Hackers manipulate supply records, disguising surpluses to sell. “We now have reports that it is massive, it is everywhere,” said Mr. Kaspersky, who speaks colorful English with a Russian accent.

One is entitled to feel vulnerable and insecure to one’s privacy, in effect, being hijacked.

One effective, straight-forward and inexpensive way to collect and protect – yes, protect – all of one’s personal details (of all descriptions) is to secure for oneself, and use, LifeBank, BusinessBank or HealthBank.    It is you, the user, armed with the encrypted data key, which is in your possession and under your control who safeguards all that personal information from being “out there” for the world to access.

PS   You might want to do Mark Z a big favour and send this piece on to him…..

 

Hacking: Where are you left in all of this?

Corporations with vested interests are forever extolling the virtues of the cloud.    They are even prepared – in the process engaging in deceptive and misleading conduct in breach of trade practice-type legislation – to confidently assert (based on what one has to query!) that the cloud is secure.     It clearly isn’t….. as hardly a day goes by without a report of a significant breach of security somewhere in the world because this or that corporation’s data in the cloud has been hacked.     Let the stats speak for themselves:

 “It is estimated that nearly 30,000 websites are infected with some type of malware every single day.  Some attacks from recent history you may remember is the Target hack, where 70 million people had their information stolen, and also JP Morgan Chase where over 76 million households were affected and 7 million small businesses were compromised.  Many people tend to think that only large companies are targeted by hackers, but that is not the case.  Most of the businesses that are affected by hackers are small businesses and you do not want to be one of them!   Personal blogs, company websites, and large news sites, are just a few examples of the things hackers can target.  Wherever they see an easy target, they will do anything to capitalize on it by spreading malicious software or stealing information.  Some of these statistics will give you an idea about cyber attacks and how many people are affected by it.  
  • According to Stopthehacker.com “it takes only 10 minutes to crack a lowercase password that is 6 characters long. Add two extra letters and a few uppercase letters and that number jumps to 3 years. Add just one more character and some numbers and symbols and it will take 44,530 years to crack.”
  • Nearly three quarters, 73 percent, of all Americans have fallen victim to some type of cyber crime.
  • “In a recent survey it was reported that 90 percent of all businesses suffered some sort of computer hack over the past 12 months and 77 percent of these companies felt that they were successfully attacked several times over the same period of time.”
  • “Over 27 million Americans have fallen victim to identity theft over the past five years. 9 million of them found their identities stolen in the last year alone.”

So, there is a hack or a corporation or institution – a la a hospital, as happened recently – is held to ransom.   There is undoubtably a loss suffered and a cost associated with what has occurred.   Intel Security puts the cost bluntly:

“Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the global economy from cybercrime is more than $445 billion, including both the gains to criminals and the costs to companies for recovery and defense. A conservative estimate would be $375 billion in losses, while the maximum could be as much as $575 billion.”  
The actual direct “victim” of the hack or subject of a ransom will almost certainly recover any loss it has suffered consequential to the cyber breach.   Some insurer will pick up the tab for the loss.   NetDiligence Cyber Claims Study 2014 provides some interesting stats:
“PII was the most frequently exposed data (41% of breaches), followed by PHI (21%) and PCI (19%).
 
Hackers were the most frequent cause of loss (30%), followed by Staff Mistakes (14%).
 
Healthcare was the sector most frequently breached (23%), followed closely by Financial Services (22%).
 
Third parties accounted for 20% of the claims submitted.
 
There was insider involvement in 32% of the claims submitted.
 
The median per-record cost was $19.84. The average per-record cost was $956.21.
 
The median cost for legal defense was $283,300. The average cost for legal defense was $698,797.”
 
But, one might well ask, what about the poor individual down the line whose data has become public property, or whose identity has been stolen or whose medical records are available to the world at large?
They don’t fare that well.   In some jurisdictions legislation affords protection provided the claimant can establish loss and damage.    But how to calculate that?    A truly vexed question – and one not really properly addressed anywhere in the world.
One web site in the US providing free legal advice on whether an individual can sue for a hack paints this rather dismal picture:

“Not surprisingly, consumers who have had their personal data stolen have turned to the courts for redress.

Two former employees of Sony Pictures filed a class-action lawsuit in December charging that the company failed to properly secure sensitive employee information, such as Social Security numbers, birth dates, salary information, and medical information.

Sony reportedly kept important passwords in unencrypted Word documents with names that included the term “passwords.”

Consumer lawsuits based on data breaches rarely succeed, for a variety of reasons. For example, consumers may not be able to prove that they were actually harmed, but merely that they face the potential for harm.”

There can be little doubt that with the increase in hacking, that either through legislation being put in place facilitating the ability to sue, or courts handing down decisions providing definitive guidelines on how the whole subject of loss and damage to the individual is to be dealt with, that all one can presently do is
  • not to trust those who so confidently assert that the data they hold – that is, including yours- is secure from being hacked, and
  • better still, use LifeBank and HealthBank – totally off the cloud and fully encrypted – in order to keep secure, and safeguard, one’s private data from prying eyes.