Here's the latest Federal News Radio report on the OPM breach. The FEHBlog did not realize until he read this article that the government has discovered two breaches at OPM. The second breach involved security clearance forms. The greatest irony here in the FEHBlog's view is that this astounding data loss never would have occurred if we were living without the internet. The paper records or microfiched rolls would be safely stored in a large cave in Pennsylvania. In retrospect (and what after all is a risk assessment other than the careful application of the retrospectoscope) it appears that the security clearance forms never should have been scanned into the computer network. We simply have many more years of experience in successfully securing paper documents than we have successfully securing computer files. The FEHBlog trusts that everyone will be cutting back on these mega-databases until we can get this hacking problem solved.
Roll Call reports that the Senators from Maryland and Virginia have sent a letter to the OPM Director about the security breach. -- "criticizing the agency for a lack of transparency surrounding the breach affecting executive branch workers and failing to properly encrypt Social Security numbers." But as the FEHBlog has pointed out it's not currently feasible to encrypt sensitive databases that are constantly in use as explained in this article. The article concludes
Protecting large databases like Anthem's is a challenge. We need better software security, and we need better structural tools to isolate the really sensitive data from average, poorly protected machines. There may even be a role for encryption, but simply encrypting the social security numbers isn't going to do much.Here's a link to a Modern Healthcare blog article breaking down Medicare Part B payments to specialists. CMS recently released the 2013 Medicare Part B payment data to doctors. Oncologists get the paid the most on average and internists and general practitioners the least. No surprise there.