February 26 | 2019
Bad Actors Getting Your Health Data Is the FBI’s Latest Worry
Emily Mullin is a science and biotech journalist whose work has appeared in The Washington Post, New York Times, Wall Street Journal, Scientific American, National Geographic and Smithsonian Magazine.
A hacker activating a 3D rendering of DNA data.
(© Production Perig/Fotolia)
In February 2015, the health insurer Anthem revealed that criminal hackers had gained access to the company's servers, exposing the personal information of nearly 79 million patients. It's the largest known healthcare breach in history.
FBI agents worry that the vast amounts of healthcare data being generated for precision medicine efforts could leave the U.S. vulnerable to cyber and biological attacks.
That year, the data of millions more would be compromised in one cyberattack after another on American insurers and other healthcare organizations. In fact, for the past several years, the number of reported data breaches has increased each year, from 199 in 2010 to 344 in 2017, according to a September 2018 analysis in the Journal of the American Medical Association.
The FBI's Edward You sees this as a worrying trend. He says hackers aren't just interested in your social security or credit card number. They're increasingly interested in stealing your medical information. Hackers can currently use this information to make fake identities, file fraudulent insurance claims, and order and sell expensive drugs and medical equipment. But beyond that, a new kind of cybersecurity threat is around the corner.
Mr. You and others worry that the vast amounts of healthcare data being generated for precision medicine efforts could leave the U.S. vulnerable to cyber and biological attacks. In the wrong hands, this data could be used to exploit or extort an individual, discriminate against certain groups of people, make targeted bioweapons, or give another country an economic advantage.
Precision medicine, of course, is the idea that medical treatments can be tailored to individuals based on their genetics, environment, lifestyle or other traits. But to do that requires collecting and analyzing huge quantities of health data from diverse populations. One research effort, called All of Us, launched by the U.S. National Institutes of Health last year, aims to collect genomic and other healthcare data from one million participants with the goal of advancing personalized medical care.
Other initiatives are underway by academic institutions and healthcare organizations. Electronic medical records, genetic tests, wearable health trackers, mobile apps, and social media are all sources of valuable healthcare data that a bad actor could potentially use to learn more about an individual or group of people.
"When you aggregate all of that data together, that becomes a very powerful profile of who you are," Mr. You says.
A supervisory special agent in the biological countermeasures unit within the FBI's weapons of mass destruction directorate, it's Mr. You's job to imagine worst-case bioterror scenarios and figure out how to prevent and prepare for them.
That used to mean focusing on threats like anthrax, Ebola, and smallpox—pathogens that could be used to intentionally infect people—"basically the dangerous bugs," as he puts it. In recent years, advances in gene editing and synthetic biology have given rise to fears that rogue, or even well-intentioned, scientists could create a virulent virus that's intentionally, or unintentionally, released outside the lab.
"If a foreign source, especially a criminal one, has your biological information, then they might have some particular insights into what your future medical needs might be and exploit that."
While Mr. You is still tracking those threats, he's been traveling around the country talking to scientists, lawyers, software engineers, cyber security professionals, government officials and CEOs about new security threats—those posed by genetic and other biological data.
Emerging threats
Mr. You says one possible situation he can imagine is the potential for nefarious actors to use an individual's sensitive medical information to extort or blackmail that person.
"If a foreign source, especially a criminal one, has your biological information, then they might have some particular insights into what your future medical needs might be and exploit that," he says. For instance, "what happens if you have a singular medical condition and an outside entity says they have a treatment for your condition?" You could get talked into paying a huge sum of money for a treatment that ends up being bogus.
Or what if hackers got a hold of a politician or high-profile CEO's health records? Say that person had a disease-causing genetic mutation that could affect their ability to carry out their job in the future and hackers threatened to expose that information. These scenarios may seem far-fetched, but Mr. You thinks they're becoming increasingly plausible.
On a wider scale, Kavita Berger, a scientist at Gryphon Scientific, a Washington, D.C.-area life sciences consulting firm, worries that data from different populations could be used to discriminate against certain groups of people, like minorities and immigrants.
For instance, the advocacy group Human Rights Watch in 2017 flagged a concerning trend in China's Xinjiang territory, a region with a history of government repression. Police there had purchased 12 DNA sequencers and were collecting and cataloging DNA samples from people to build a national database.
"The concern is that this particular province has a huge population of the Muslim minority in China," Ms. Berger says. "Now they have a really huge database of genetic sequences. You have to ask, why does a police station need 12 next-generation sequencers?"
Also alarming is the potential that large amounts of data from different groups of people could lead to customized bioweapons if that data ends up in the wrong hands.
Eleonore Pauwels, a research fellow on emerging cybertechnologies at United Nations University's Centre for Policy Research, says new insights gained from genomic and other data will give scientists a better understanding of how diseases occur and why certain people are more susceptible to certain diseases.
"As you get more and more knowledge about the genomic picture and how the microbiome and the immune system of different populations function, you could get a much deeper understanding about how you could target different populations for treatment but also how you could eventually target them with different forms of bioagents," Ms. Pauwels says.
Economic competitiveness
Another reason hackers might want to gain access to large genomic and other healthcare datasets is to give their country a leg up economically. Many large cyber-attacks on U.S. healthcare organizations have been tied to Chinese hacking groups.
"This is a biological space race and we just haven't woken up to the fact that we're in this race."
"It's becoming clear that China is increasingly interested in getting access to massive data sets that come from different countries," Ms. Pauwels says.
A year after U.S. President Barack Obama conceived of the Precision Medicine Initiative in 2015—later renamed All of Us—China followed suit, announcing the launch of a 15-year, $9 billion precision health effort aimed at turning China into a global leader in genomics.
Chinese genomics companies, too, are expanding their reach outside of Asia. One company, WuXi NextCODE, which has offices in Shanghai, Reykjavik, and Cambridge, Massachusetts, has built an extensive library of genomes from the U.S., China and Iceland, and is now setting its sights on Ireland.
Another Chinese company, BGI, has partnered with Children's Hospital of Philadelphia and Sinai Health System in Toronto, and also formed a collaboration with the Smithsonian Institute to sequence all species on the planet. BGI has built its own advanced genomic sequencing machines to compete with U.S.-based Illumina.
Mr. You says having access to all this data could lead to major breakthroughs in healthcare, such as new blockbuster drugs. "Whoever has the largest, most diverse dataset is truly going to win the day and come up with something very profitable," he says.
Some direct-to-consumer genetic testing companies with offices in the U.S., like Dante Labs, also use BGI to process customers' DNA.
Experts worry that China could race ahead the U.S. in precision medicine because of Chinese laws governing data sharing. Currently, China prohibits the exportation of genetic data without explicit permission from the government. Mr. You says this creates an asymmetry in data sharing between the U.S. and China.
"This is a biological space race and we just haven't woken up to the fact that we're in this race," he said in January at an American Society for Microbiology conference in Washington, D.C. "We don't have access to their data. There is absolutely no reciprocity."
Protecting your data
While Mr. You has been stressing the importance of data security to anyone who will listen, the National Academies of Sciences, Engineering, and Medicine, which makes scientific and policy recommendations on issues of national importance, has commissioned a study on "safeguarding the bioeconomy."
In the meantime, Ms. Berger says organizations that deal with people's health data should assess their security risks and identify potential vulnerabilities in their systems.
As for what individuals can do to protect themselves, she urges people to think about the different ways they're sharing healthcare data—such as via mobile health apps and wearables.
"Ask yourself, what's the benefit of sharing this? What are the potential consequences of sharing this?" she says.
Mr. You also cautions people to think twice before taking consumer DNA tests. They may seem harmless, he says, but at the end of the day, most people don't know where their genetic information is going. "If your genetic sequence is taken, once it's gone, it's gone. There's nothing you can do about it."
Emily Mullin is a science and biotech journalist whose work has appeared in The Washington Post, New York Times, Wall Street Journal, Scientific American, National Geographic and Smithsonian Magazine.
September 19 | 2019
Turning Algae Into Environmentally Friendly Fuel Just Got Faster and Smarter
Algae in the Mediterranean sea.
(© damedias/Adobe)
Was your favorite beach closed this summer? Algae blooms are becoming increasingly the reason to blame and, as the climate heats up, scientists say we can expect more of the warm water-loving blue-green algae to grow.
"We have removed a significant development barrier to make algal biofuel production more efficient and smarter."
Oddly enough, the pesky growth could help fuel our carbon-friendly options.
This year, the University of Utah scientists discovered a faster way to turn algae into fuel. Algae is filled with lipids that we can feed our energy-hungry diesel engines. The problem is extracting the lipids, which usually requires more energy to transform than the actual energy we'd get – not achieving what scientists call "energy parity."
But now, the University of Utah team has discovered a new mix that is more efficient and much faster. We can now extract more power from algae with less waste materials after the fact. Paper co-author Dr. Leonard Pease says, "We have removed a significant development barrier to make algal biofuel production more efficient and smarter. Our method puts us much closer to creating biofuels energy parity than we were before."
Next Up
Algae has a lot going for it as an alternative fuel source. It grows fast and easily, absorbs carbon dioxide, does not compete with food crops for land, and could produce up to 60 times more oil than standard land-based energy crops, according to the U.S. Department of Energy. Yet the costs of algal biofuel production are still expensive for now.
According to Science Daily, only about five percent of total primary energy use in the United States came from algae and other biomass forms. By making the process more efficient, America and other nations could potentially begin relying on more plentiful resources – which, ironically, are more common now because of climate change.
Algae fuel efficiency is already a proven concept. A decade ago, Continental Airlines completed a 90-minute Boeing 737-800 flight with one engine split between biofuel and aircraft fuel. The biofuel was straight from algae. (Other flights were done based on nut fuel and other alternative sources.) The commercial airplane required no modification to the engine and the biofuel itself exceeded the standards of traditional jet fuel.
The problem, as noted at the time, is that biofuels derived from algae had yet to be proven as "commercially competitive."
The University of Utah's discovery could mean cheaper processing. At this point, it is less about if it works and more about if it is a practical alternative.
However, it's unclear how long it will take for algae to become more mainstream, if ever.
Open Questions
Higher efficiency and simpler transformations could mean lower prices and more business access. However, it's unclear how long it will take for algae to become more mainstream, if ever. The algae biofuel worked great for a relatively sophisticated Boeing 737 engine, but your family car, the cross-country delivery trucks and other less powerful machines may need to be modified – and that means the industry-at-large would have to revise their products in order to support the change.
Future-focused groups are already looking at how algae can fuel our space programs, especially if it is more renewable, safe and, potentially, cheaper than our traditional fuel choices. But first, it is worth waiting and seeing if corporations and, later, citizens are willing to take the plunge.
Keep Reading
Keep Reading
Damon Brown co-founded the popular platonic connection app Cuddlr. Now he helps side hustlers, solopreneurs, and other non-traditional entrepreneurs bloom. He is author of the TED book "Our Virtual Shadow" and, most recently, the best-selling "The Bite-Sized Entrepreneur" series. Join his creative community at www.JoinDamon.me.
September 16 | 2019
More Families Are Using Nanny Cams to Watch Elderly Loved Ones, Raising Ethical Questions
Jackie Costanzo and her 93-year-old mom, Louise, are happy to have an extra way to stay connected with the camera, which is normally placed on a television stand facing her mom's bed.
(Courtesy Jackie Costanzo)
After Jackie Costanzo's mother broke her right hip in a fall, she needed more hands-on care in her assisted-living apartment near Sacramento, California. A social worker from her health plan suggested installing a video camera to help ensure those services were provided.
Without the camera, Costanzo wouldn't have a way to confirm that caregivers had followed through with serving meals, changing clothes, and fulfilling other care needs.
When Costanzo placed the device in May 2018, she informed the administrator and staff, and at first, there were no objections. The facility posted a sign on the apartment's front door, alerting anyone who entered of recording in progress.
But this past spring, a new management company came across the sign and threatened to issue a 30-day eviction notice to her 93-year-old mother, Louise Munch, who has dementia, for violating a policy that prohibits cameras in residents' rooms. With encouragement from California Advocates for Nursing Home Reform, Costanzo researched the state's regulations but couldn't find anything to support or deny camera use. She refused to remove the recording device and prevailed.
"In essence, my mom was 'grandfathered in' because she moved in under a management company that did not specify that residents could not have cameras," says Costanzo, 73, a retired elementary schoolteacher who lives a three-hour drive away, in Silicon Valley, and visits one day every two weeks. Without the camera, Costanzo, who is her mother's only surviving child, wouldn't have a way to confirm that caregivers had followed through with serving meals, changing clothes, and fulfilling other care needs.
As technological innovations enable next of kin to remain apprised of the elderly's daily care in long-term care facilities, surveillance cameras bring legal and privacy issues to the forefront of a complex ethical debate. Families place them overtly or covertly—disguised in a makeshift clock radio, for instance—when they suspect or fear abuse or neglect, so they can maintain a watchful eye, perhaps deterring egregious behavior. But the cameras also capture intimate caregiving tasks, such as bathing and toileting, as well as dressing and undressing, which may undermine the dignity of residents.
So far, laws or guidelines in eight states—Illinois, Maryland, New Mexico, Oklahoma, Texas, Utah, Virginia, and Washington—have granted families the rights to install cameras in a resident's room. In addition, about 15 other states have proposed legislation. Some states, such as Pennsylvania, have put forth regulatory compliance guidance, according to a column published in the July/August 2018 issue of Annals of Long-Term Care.
The increasing prevalence of this legislation has placed it on the radar of long-term care providers. It also suggests a trend to clarify responsible camera use in monitoring services while respecting privacy, says Victor Lane Rose, the column's editor and director of aging services at ECRI Institute, a health care nonprofit near Philadelphia, Pennsylvania.
In most cases, a resident's family installs a camera or instigates a request in hopes of sparing their loved one from the harms of abuse, says James Wright, a family physician who serves as the ethics committee's vice chair of the Society for Post-Acute and Long-Term Care Medicine in Columbia, Maryland. A camera also allows the family to check in on the resident from afar and remain on alert for a potential fall or agitated state, he says.
"It's rare that a facility will have 24-hour presence in a patient's room. You won't have a nurse in there all the time," says Wright, who is also medical director of two long-term care centers and one assisted-living facility around Richmond, Virginia. Particularly "with dementia, the family often wonders" if their loved one is safe.
While offering families peace of mind, he notes that video cameras can also help exonerate caregivers accused of abuse or theft. Hearing aids, which typically cost between $2,000 and $3,000 each, often go missing. By reviewing a video together, families and administrators may find clues to a device's disappearance. Conversely, Wright empathizes with the main counterargument against camera use, which is the belief that "invasion of privacy is also invasion of human dignity."
In respecting modesty, ethical questions abound over whether a camera should be turned off when a patient is in the midst of receiving personal care, such as dressing and undressing or using bedpans. Other ethical issues revolve around who may access the recordings, says Lori Smetanka, executive director of the National Consumer Voice for Quality Long-Term Care in Washington, D.C.
Video cameras, she contends, are only one tool in shielding residents from abuse. They are "not substitutes for personal involvement," she says. "People need to be very vigilant visiting their family members, and facilities have a responsibility to ensure that residents are free of abuse."
Lack of accountability perpetuates abuse in long-term care settings and stems in large part from systemic underfunding.
Educating employees in abuse prevention becomes paramount, and families should ask about staff training before placing their loved one in a long-term care facility, Smetanka says. Prior to installing a camera, she recommends consulting an attorney who is familiar with this issue.
But thoughts of a camera often don't occur to families until an adverse event affects their loved one, says Toby Edelman, a senior policy attorney at the Center for Medicare Advocacy, a nonprofit organization with headquarters in Washington, D.C., and Connecticut.
"These cameras can show exactly what's going on," she explains, noting that prosecutors have used the recordings in litigation. "When residents have injuries of unknown origin" and they can't verbalize what happened to them, "the cameras may document that yes, the resident was actually hit by somebody."
With a resident's safety and security being "the most important consideration," the American Health Care Association in Washington, D.C., which represents long-term and post-acute care providers, supports allowing states, clinicians, and patients to decide about camera use on a local level, says David Gifford, senior vice president of quality and regulatory affairs and chief medical officer.
"We've seen some success with tools such as permissive legislation, where residents and their loved ones have the ability to determine whether a camera is right for them while working with the center openly and ensuring the confidentiality of other residents," says Gifford, who practiced as a geriatrician. "It is important to note, however, that surveillance cameras are still only one element of the quality matrix. We can never hope to truly improve quality care by catching bad actors after the fact."
Lack of accountability perpetuates abuse in long-term care settings and stems in large part from systemic underfunding. Low wages and morale are tied to high turnover, and cameras don't address this overarching problem, says Clara Berridge, an assistant professor of social work at the University of Washington in Seattle, who has co-authored articles on surveillance devices in elder care.
Employees often don't perceive a nursing assistant position as a long-term career trajectory and may not feel vested in the workplace. Training in the recognition and reporting of abuse becomes ineffective when workers quit shortly thereafter. Many must juggle multiple jobs to make ends meet. Staffing shortages are endemic, leading to inadequate oversight of residents and voicing of abuse complaints, she says.
In Berridge's assessment, cameras may do more harm than good. Respondents to a survey she conducted of nursing homes and assisted-living facilities in the United States found that recording devices tend to fuel workers' anxiety amid a culture that further demoralizes and dehumanizes the care they provide.
Consent becomes particularly thorny in shared rooms, which are more common than not in nursing homes. States that permit in-room cameras mandate that roommates or their legal representative be made aware. Even if the camera is directed away from their bed, it will still capture conversations as well as movements that enter its scope. "Surveillance isn't the best way to protect adults in need of support," Berridge says. "Public investment in quality care is."
"The camera is invaluable. But there's no law that says you can have it automatically, so that's wrong."
In the one-bedroom assisted-living apartment where Costanzo's mother lives alone, consent from another resident wasn't needed. Without a roommate, the camera is much less intrusive, although Costanzo wishes she had put one in the living room, not just the bedroom, for more security.
Her safety concerns escalated when she read about a Texas serial killer who smothered victims after gaining access to senior care facilities by "masquerading as a maintenance man." She points to such horrifying incidents, although exceedingly rare, as further justification for permitting cameras to help guard the vulnerable against abuse in long-term care settings. And she hopes to advocate for an applicable law in California.
"The camera is invaluable," says Costanzo, who pays for monthly Wi-Fi service so she can see and interact with her mother, who turns 94 in October, any time of day or night. "But there's no law that says you can have it automatically, so that's wrong."
Keep Reading
Keep Reading
Susan Kreimer is a New York-based freelance journalist who has followed the landscape of health care since the late 1990s, initially as a staff reporter for major daily newspapers. She writes about breakthrough studies, personal health, and the business of clinical practice. Raised in the Chicago area, she holds a B.A. in Journalism/Mass Communication and French, with minors in German and Russian, from the University of Iowa and an M.S. from the Columbia University Graduate School of Journalism.