Medical giant Quest was hacked. How can blockchain protect patient medical data?

Quest Diagnostics, a public clinical laboratory services provider, is an international company with annual revenue of $7.5 billion in 2015. The company recently suffered a serious hacker attack, losing valuable customer information of 34,000 people. Quest admitted that the stolen customer information included names, dates of birth, laboratory results and phone numbers.

According to Quest's IT and development teams, an undisclosed group of hackers accessed Care360's MyQuest internal system and stole protected health information (PHI) from a central database. The company did not release more specific information, and the company's contracted cybersecurity firm has not yet figured out how the hackers penetrated Quest's database.

The Quest Diagnostics team said:

"Once Quest Diagnostics became aware of the breach, it immediately addressed the vulnerability. The company is taking steps to prevent future incidents and is working with a reputable cybersecurity firm to assist with the investigation and further evaluate the company's systems."

The most worrying thing about this attack and data theft is that the Care360 online application is currently being used by many hospitals and medical companies in the U.S. Since Care360 went online in 2010, its flexibility and functionality have been favored by many doctors and medical institutions.

Dr. Paulo Andre said:

"The important application of the Care360 electronic medical record system for doctors is that it is backed by Quest Diagnostics. This online method can bring great convenience. When the patient calls me, I can use it in three different hospitals."

However, the company has not updated or overhauled its internal systems and databases since 2010. Despite the fact that many well-known doctors and hospitals in the United States rely on this platform to record sensitive patient data, the online platform is actually not encrypted.

Although Quest Diagnostics claims they will address the vulnerability, the vulnerability or weakness has never been disclosed by the company or the cybersecurity companies it works with.

To prevent catastrophic data theft in the healthcare industry, various multibillion-dollar companies, including Capital One, are partnering with blockchain startups to use a blockchain network’s permanent, immutable ledger to protect medical records and vital patient data.

Patrick Moore, Executive Vice President of Capital One, said:

“We are seeing an unprecedented transformation in the payments industry, with rapidly evolving digital technologies reshaping the customer experience. We see new network models and data analytics capabilities as an opportunity to reinvent financial management to better meet customer needs, not just by delivering payments efficiencies but also by generating actionable enterprise intelligence.”

In addition, large research and professional services firms such as Deloitte have published multiple blockchain reports and conducted research on the potential of blockchain in the healthcare industry. RJ Krawiec, president of Deloitte Federal Innovation and Translational Medicine, said that today's technology is no longer consistent with the roadmap of the Office of the National Coordinator for Health Information Technology because existing technology cannot provide secure network infrastructure and data transparency.

Massachusetts Institute of Technology (MIT) has also been working on a project of this type, MedRec, which ensures personal privacy while using aggregated data for medical research. In addition, Capital One's joint project with blockchain startup Gem uses blockchain technology to protect medical data. Philips Medical has also established a blockchain laboratory and is working with Gem to develop blockchain medical applications. Large laboratory service providers and medical software developers, such as Quest Diagnostics, must pay attention to and research emerging technologies to ensure that customer data is stored in a secure ecosystem.

For more information, please visit the "Blockchain and Medical Special Topic".