Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: FDA Approves Use of Chip in Patients ? HIPAA woes?
From: Michael Simpson <Michael.Simpson () inveresk com>
Date: Fri, 15 Oct 2004 10:08:03 +0100

It is just a rapid way of identifying people which is not a bad thing in 
some circumstances.  Some catagories of patient carry alert bracelets to 
inform any medical practitioners that they have certain severe reactions 
or specific medical conditions.  The point being that an emergency 
treatment that would work for the majority of people could kill a 
particular group of patients (eg morphine or Beta-blockers in severe 
asthmatics).  If a patient is concious then there is no problem but the 
comatose patient found by the side of the road with no ID of any type is a 
different situation.  Or the patient visiting from another area, on a 
saturday when her family practitioner's office will be closed so her 
medical records won't be available, who collapses at a restaurant and her 
family are unaware that she has been given a diagnosis of terminal cancer 
2 months ago.  No records available, much blundering by truth seeking 
medic, the "did you know your mother has a massive cancerous liver" chat, 
etc.   Allowing doctors to chip folk for their own benefit is something 
that the medical profession will want (and want it to be compulsory) but 
would always be resisted by most unless its insertion was painless, easily 
reversible yet impossible to palpate and there was a cast iron guarantee 
that the body wouldn't react to it or it wouldn't get infected.  I think 
it should be offered to those vuln patients that want it as a mechanism to 
ensure that when they go to hospital in extremis the treatment they 
receive does more good than harm without having to wear an unfashionable 
item of "jewelry".  The only other thing is that nature provides each 
individual with several biometric unique identifiers already so why add 
more just because they are more easily read by machines at this present 
moment in time?

from insecure's post


The chip only stores an ID number. This ID number could be used as a 
patient ID number to access records in some remote, allegedly secure 
database. The health care provider would need to already have access to 
the remote database


Having been a geek since the days of prestel finding myself working in 
scrubs and up to my elbows in patients' bloody thoraces for the last 
decade the only comment i can make about the security of databases or 
indeed any of teh tech in the health service in areas of britain where i 
have worked is : hahahahahahahahahahaha, what fuqin sec? Though things may 
have changed in the 5 months since i left the "house of pain" ;-) and they 
may have replaced EVERYONE involved with the money-hosing competition that 
is NHS IT    i sincerely hope the situation is different elsewhere in the 


full-disclosure-admin () lists netsys com wrote on 14/10/2004 18:38:20:

Found an article discussing a new verichip that would be implanted under 

patient's skin and used to store medical information. Each time the 
would visit the doctor, this information would get updated. This raises 
concerns about privacy as the chip could also be used to track the 
of an individual, aside from obvious concerns with HIPAA and the secure 
transmission and storage of patient health info. 

Interesting read: (Article - FDA Approves Use of Chip in Patients )


VeriChip: http://www.4verichip.com/ 
Health and Human Services Department: http://www.hhs.gov/ 

Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]