Most of us have taken at least some action to keep our online identities private. Yet, even as we take steps -- such as religiously clearing our cookies, encrypting our email, or even using VPNs to mask our IP addresses -- the majority of us do not believe it's possible to be completely anonymous online.
This fatalistic outlook among US Internet users is revealed in a 2013 report from the Pew Research Internet Project, "Anonymity, Privacy, and Security Online."
The findings have even more relevance in light of another recent study by the Healthcare Information and Management Systems Society (HIMSS), which finds that the greatest threat to the security of our personal healthcare information comes from healthcare workers themselves. More on that in a minute.
First, let's take a closer look at the Pew study, which is based on survey responses from 782 US-based Internet users aged 18 and older.
The vast majority of respondents (86%) said they've taken steps to remove or mask their digital footprints. More than half of respondents (55%) have taken steps to avoid observation by specific people, organizations, or the government. A majority (59%) of respondents said they do not believe it's possible to remain completely anonymous online.
Those are some sobering numbers, but from where I sit what's even more shocking is the 37% of respondents who believe that it is possible to be completely anonymous online. I can only assume that these folks just don't pay attention to the news. In fact, the rest of the survey results seem to belie that notion of complete anonymity online.
For example, when asked "Suppose you said something critical about a product online, and you didn’t use your real name. How easy do you think it would be for the company to find out who you are anyway?" 79% of respondents said it would be "very easy" or "somewhat easy."
Table 1: How easy would it be for a corporation to find out your identity?
|Degree of ease
|Not too easy
More than half of respondents (56%) said that they have had their personal information compromised or experienced conflict with others due to their online activities.
Table 2: How is our data being compromised?
|Email or social networking account taken over without permission
|Stalked or harassed online
|Personal information stolen (SSN, credit card, bank account)
OK, with this information in mind, let's see what HIMSS has found out about our most personal of personal information: our healthcare records. The 2013 HIMSS Security Survey, released February 19, 2014, includes the results of a survey of 283 IT and security professionals employed by US hospitals and physician practices. The study was supported by the Medical Management Group Association and sponsored by Experian Data Breach Resolution.
According to the HIMMS report:
Eighty percent of respondents noted that they were concerned that human related factors would put data at risk. Furthermore, respondents were most likely to indicate the greatest motivator leading to the compromise of data is for workforce members to snoop on co-workers, friends and neighbors' patient information… Using a scale of one to seven, where one is not a threat and seven is an area that is of high threat concern, respondents were most likely to identify human-related factors such as individuals circumventing controls or disclosing information in error as the greatest area of concern.
Table 3: Factors posing a threat to health data
|Area of concern
|Lack of planning, policies, procedures
|Functionality of devices
|Loss of integrity of information
So, what are the "human-related factors" that most trouble healthcare IT professionals? Negligence or unintentional mistakes that expose information -- such as the disclosure of information on websites, or lost/misplaced files or devices -- was cited as a concern by 86% of respondents. Two thirds of respondents (68%) also indicated that they were concerned workers would bypass security access or interfere with access control. More than half (58%) indicated concern about insider threats, including deliberate activity by workers, while 20% were concerned that outsourced staff would bypass security controls.
Taken together, these two studies paint a pretty grim picture about the state of our online privacy. Are your online experiences consistent with the Pew Research findings? What steps is your organization taking to specifically deal with those "human-related factors" that are such a hot area of concern in healthcare? Is true online anonymity a myth? Tell us in the comments section below.
— Susan Nunziata, , Director of Editorial, EnterpriseEfficiency.com