That's because Graph Search will allow phishers to even more intensively data-mine people and organizations. Sadly, it seems that every time social networking takes another leap forward, we have to put our guard up a little higher.
As my security industry expert puts it, "if you're in IT and have privileges to systems that store medical records, you are likely a target. They might also research if you participate in industry organizations. They will find your name based on things that you have published, papers you've published or talks you've given."
On its Web site, the HIMSS Privacy and Security Committee goal is stated: "By 2014, all entities who use, send, or store health information meet requirements for confidentiality, integrity, availability and accountability based on sound risk management practices, using recognized standards and protocols."
Let's hope HIMSS and the efforts of other professional organizations are sufficient to keep the spotlight on security as the amount of PHI on servers and in transit from organization to organization escalates. Otherwise, we might face a scenario imagined in the January 2013 issue of the journal Telemedicine and e-Health.
You can't write a check to make the problem go away. PHI is now more valuable on the black market than ordinary consumer data. The onus is on all of us to do our part to keep the data safe and to prevent Internet-triggered medical errors.