Does protecting your health information really matter?

We speak with physicians and administrators on a daily basis. I’m happy to report the majority of those we speak with take protecting your health information very seriously. Many are willing to invest in the tools and resources required to do so effectively, even going beyond the inadequate HIPAA requirements when it comes to hardening their organizations against a cyber attack.

But let’s be honest. If our healthcare profession built the Fort Knox of a security apparatus to protect your health information, what good does it do if you’re just going to give it away anyway? That’s the reality we’re facing in today’s mobile health apps and DNA servicing companies. These companies face very little regulation and even fewer restrictions regarding what they can do with your health information – it’s actually their business model. 

Here are two points to consider.

First, many of these apps are free. If the product is free, it’s because YOU (and your information) are the product. With few restrictions (and keep in mind most of these entities DO NOT fall under HIPAA), they can do just about anything with your health information. Sell it to a pharmaceutical company or an adversarial foreign country? Sure! It’s happening.

Second, for several years now our intelligence community has been gravely concerned with the intense effort the Chinese government has put into collecting DNA information across the world. Today, they own most of the genomics labs in the world. Want to know your ancestry? Odds are the company processing that sample will be Chinese-owned.

Why should you care? Imagine a communicable disease, engineered to attack specific genomic markers, mysteriously breaks out and destroys global economies and millions of lives. Yet this allegedly “naturally” occurring virus has virtually zero impact in Africa and a few other areas of the world. Hypothetically speaking, such a virus could be engineered to attack your specific weaknesses based upon your DNA. Let’s hope something like that never happens!

So what’s the point of your doctors and healthcare workers diligently protecting your health information if you’re just going to give it away to the latest trendy app or because you’re curious to know if you have any Irish in you? 

Healthcare professionals are doing the best they can to protect your data. Please help them by NOT gifting DNA testing to your family this holiday.

Stay on alert when holiday shopping. Don’t click on ads in emails without confirming the link is valid. Don’t leave presents in your car, certainly not where they are visible. Check around and in the back seat of your car before unlocking the doors and getting in. As soon as you get in, lock the doors before doing anything else. There’s significant concern among law enforcement that this holiday season will see an unprecedented spike in crime. Don’t let yourself be a victim.

Be safe and enjoy the holidays.


If you have any questions or if you are concerned about your organization’s cybersecurity, give us a call at (800) 970-0402. We’ll be happy to help.


For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.

The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of the workforce (including management). Have your team sign up for the weekly HIPAA Security Reminder to help stay compliant.