We are faced with reading 4 pages of "Notice of Data Incident" about my husband's hacked medical records on August 2. Name, address, telephone numbers, email, birthdate, patient ID number, SS number, account information, driver's license/government ID, medical and health insurance information and identifiers and diagnosis and treatment information. That, of course, can be linked to any other databases including the county's (even I can access a floor plan and photo of your house at the auditor's site), donations, organizations we belong to, etc. A perfect profile to be sold on the internet to create a "valid" ID for an illegal or criminal. The advice, since it's like putting toothpaste back in the tube, is to enroll in Equifax so we can receive fraud alerts and identity protection. Big whoop. Why is their information any more secure than the government's or our medical office? The advice is for us to remain "vigilant" and frequently review our credit statements. As if that's the only thing a criminal can do with this information.
Every medical office in the country was forced by the federal government into these online systems (at a huge cost) and they don't even work well. Our information between practice networks could have moved faster by courier pigeon, and it wasn't even correct. The EMR requirement was a rush job, and a gift to the IT lobbyists with no studies done on whether EMR would reduce costs or save lives.