If you imagine medical records as being stored in a cabinet somewhere in your local hospital, think again. Until quite recently, medical records were publicly accessible via Google. In an effort to prevent cybercriminals from capitalizing on these resources, Google has removed sensitive medical records from appearing in search results.
If an individual's medical records were leaked, that could be both emotionally and financially damaging. For example, hackers that use ransomware to extort money from hospitals can gain access to private medical data and hold it for ransom. Whether the ransom is paid or not, they could still release it online, where Google’s search engine would pick it up.
Traditionally, Google had a hands-off policy to search results and rely on its algorithm to do the work instead. In the past, this policy was heavily scrutinized for releasing fake news and other forms of false information. All of this changed when Google combed through the search results and removed private medical information.
Before making potentially sensitive information available on search results, Google now assesses their level of sensitivity using this series of questions:
- Is it a government-issued identification number?
- Is it confidential, or is it publicly available information?
- Can it be used for common financial transactions?
- Can it be used to obtain more information about an individual that would result in financial harm or identity theft?
- Is it a personally identifiable nude or sexually explicit photo or video shared without consent?
Ensuring the security of private data is paramount to the success of businesses operating in every industry. Whether it be on-site or online, if data were to fall into the wrong hands, not only could that cause financial and reputational ruin, it could even close down your business for good. If you want to know more about how to keep your data safe, feel free to call or email us!