Is Cloud Storage Raining Your Private Medical Records?

The idea of centralized storage of private medical data is a hallmark of interoperability – or, the sharing of medical information between providers – in the new push for electronic health records (EHR) and is central to Health Informatics. However, it turns out that just because data is “in the cloud” does not mean it is safe.

It appears that cloud computing may be raining on Oregon Health and Science University (OHSU). Today we learned that “physicians-in-training” in the Plastic Surgery department, looking for a way to share medical data, put private medical information on a spread-sheet in Google Docs. (see the story here, here, and OHSU’s apology here).

Now, before we go tearing into the physicians and which is obviously a breach for otherwise crème-de-la-crème medical students, we need to consider two very critical aspects of this event. First, how our culture has grown to not only accepts but relies on mobile technology. And Second, who has access to my cloud based information.

Clearly, as the use of mobile devices has exploded onto or culture, it has become a thing upon which we not only depend, but also expect to be able to use. Unfortunately, mobile tech has become so commonplace that we are now failing to be concerned about its security. It just seems to be there, and it’s probably safe after all. In fact, had the data been de-identified (that is, all identification information removed), the whole situation would have been fine. But that was not the case as over 3,000 people are finding out this morning.

The bigger issue may indeed be the problem of access. Recent news about the government mining of Google data not withstanding (another story entirely), a larger issue is whether or not Google has the rights to “sell” your personal information to “partners and associates” (read: marketers). Here’s the rub: your medical data has value. If a certain company can direct market you for a specific product that will handle your specific condition, then your contact data is very valuable to them and they will pay good money for it. And, if you did not read the EULA (End User License Agreement) on Google Docs (and who does anyway?), you just may have given Google permission to do just that.

Here’s the lesson of the day: Just because it is on-line does not make it safe. And, before storing any data on-line, consider the impact it will have on you if it is compromised. This includes medical data, financial data, personal information, and the pictures of you at that party now on someone’s Facebook page.

How Texting (or email or web surfing) in Florida Can Land You In The Hootscow

"Sir! Please put DOWN that iPhone and STEP AWAY!!"

The Great State of Florida has just made computers and smart phones illegal.

Seriously: Heather Kelly of CNN reported Tuesday (http://www.cnn.com/2013/07/09/tech/gaming-gadgets/florida-slot-machine-law) that a new law was passed which makes any device which can allow gambling to be a “slot machine”. But the wording is so broad that it includes any computer of any kind on any network where gambling can occur -- to be illegal. You can’t make this up.

Of course, the Florida legislature did not intend for this. What they intended was to find a way to block computer gambling and close the internet gambling cafés. Unfortunately, the poor quality of the wording resulted in a law that if enforced would shut down the entire Floridian economy.

Pop quiz: Which “road” is paved with good intentions?

To be fair, Florida does have issues regarding gambling, and (if properly taxed and regulated) could harvest some serious income for the state. But, the level of competence exhibited here does demonstrate why it is important for all people – even politicians – to understand what technology is first before figuring out how to control it. 

There is an old business adage which goes "You cannot control what you do not measure. And, you cannot measure what you do not understand."

Perhaps the Florida legislature should take our CIS120 class. In chapter 1, we learn that there are actually many different kinds of computers.

Yottabytes Revisited

In case you missed it, there was an interesting article published in Friday’s Oregonian by McClatchy reporter Greg Gordon on the databases that the NSA is using to record and store domestic emails and phone calls (presumably cell phones at this point). You can see the article here.

According to Gordon, the databases necessary for this amount storage are huge and he identifies one in Utah as being in “yodabytes” which he associates with Star Wars’ Yoda. Actually, it’s “yottabyte”, but either way, it truly is a lot of storage.

So… what’s a yottabyte? According to Wikipedia, it is a septillion bytes and provides us with this visual: 

“To store a yottabyte on terabyte sized hard drives would require a million city block size data-centers, as big as the states of Delaware and Rhode Island. If 64 GB microSDXC cards (the most compact data storage medium available to public as of early 2013) were used instead, the total volume would be approximately 2,500,000 cubic meters, or the volume of the Great Pyramid of Giza.”

That, truly is, a lot of emails.