diff options
| author | Nicholas Johnson <mail@nicholasjohnson.ch> | 2025-04-05 00:00:00 +0000 |
|---|---|---|
| committer | Nicholas Johnson <mail@nicholasjohnson.ch> | 2025-04-07 00:00:00 +0000 |
| commit | e2d217c14d07950129418704f40c803e8f50aadbcb2216deb68ae871330a52bc (patch) | |
| tree | 050938f95e3046d21c1ce68d3f94dbda79f8d9912b6b283d72684922c485bcef | |
| parent | 9d977db5da0d7c6907ca166a9ee001123b6131ff43a5956b5869e7157cc1f568 (diff) | |
| download | journal-e2d217c14d07950129418704f40c803e8f50aadbcb2216deb68ae871330a52bc.tar.gz journal-e2d217c14d07950129418704f40c803e8f50aadbcb2216deb68ae871330a52bc.zip | |
Make correction
| -rw-r--r-- | content/entry/re-they-told-their-therapists-everything-hackers-leaked-it-all.md | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/content/entry/re-they-told-their-therapists-everything-hackers-leaked-it-all.md b/content/entry/re-they-told-their-therapists-everything-hackers-leaked-it-all.md index 7498a84..54219c9 100644 --- a/content/entry/re-they-told-their-therapists-everything-hackers-leaked-it-all.md +++ b/content/entry/re-they-told-their-therapists-everything-hackers-leaked-it-all.md @@ -10,6 +10,8 @@ If you want to learn more about it, you can click the link above. I'm not writin Hospitals and health facilities get hacked constantly. They're so insecure that once I even accidentally socially engineered an employee to send me my own health data (they did not verify who I was). It would be more secure to use air gapped laptops with hardware-token-based full disk encryption, storing the laptops in a locked safe. At least then one would have to physically break into the facility, which would be much more difficult and risky than remotely hacking in. +Edit (05-04-2025): One would not necessarily have to break into the facility to access patient records. One could coerce an employee to give up patient records or register as a patient oneself to access the computer system when the therapist is away. My main point was that it would be much harder to hack patient records remotely or in bulk with this configuration, thus making the hacker more vulnerable to getting caught, and less likely to even try in the first place. + The relationship between a therapist and a patient is among the most intimate relationships there are. The only two people who need detailed records of said interaction are the therapist and the patient. That's it. And the therapist only strictly needs those records until the patient stops being a patient. There is absolutely no need for patient notes to be available to anyone else, particularly not in a networked database. I'm not writing this to discourage anyone from seeking mental health treatment or avoid telling things to their therapist. I just wanted to highlight how unsafe the practice of putting therapy notes in networked databases is and suggest that providers stop doing it. |