Recently, I’ve been re-watching the blockbuster TV series hit “Breaking Bad” courtesy of Netflix. For those who haven’t seen it, the show traces the descent of a seemingly honest plain-Joe suburbanite from high school chemistry teacher to murderous king of a multi-state crystal meth business, all kicked off by his diagnosis of terminal lung cancer.
As the show clearly intends, it has me musing once again on how an educated guy with a family and a previously crime-free life can compromise everything that once mattered to him and ultimately, destroy nearly everything he loves.
And that, given that I write for this audience, had me thinking just as deeply what turns ordinary healthcare workers into cybercriminals who ruthlessly exploit people’s privacy and put their financial survival at risk by selling the data under their control.
Sure, some of data stealing is done by black-hat hackers who crack healthcare networks and mine them for data at the behest of organized crime groups. But then there’s the surprises. Like the show’s central character, Walter White, some healthcare cybercriminals seem to come out of the blue, relative “nobodies” with no history as gangsters or thieves who suddenly find a way to rationalize stealing data.
I’d bet that if you dug into the histories of those healthcare employees who “break bad” you’d find that they have a few of the following characteristics in common:
* Feeling underappreciated: Like Walter White, whose lowly chemistry-teacher job was far below his abilities, data-stealing employees may feel that their talents aren’t appreciated and that they’ll never “make it” via a legitimate path.
* Having a palatable excuse: Breaking Bad’s dying anti-hero was able to rationalize his behavior by telling himself that he was doing what he did to protect his family’s future well-being. Rogue employees who sell data to the highest bidder may believe that they’re committing a victimless crime, or that they deserve the extra income to make up for a below-market salary.
* Willful ignorance: Not once, during the entire run of BB, does White stop and wonder (out loud at least) what harm his flood of crystal meth is doing to its users. While it doesn’t take much imagination to figure out how people could be harmed by having their medical privacy violated — or especially, having their financial data abused — some healthcare workers will just choose not to think about it
* Greed: No need to explain this one — though people may restrain naturally greedy impulses if the other factors listed above aren’t present. You can’t really screen for it, sadly, despite the damage it can do.
So do you have employees in your facilities on the verge of breaking bad and betraying the trust their stewardship of healthcare data conveys? Taking a look around for bitter, dissatisfied types might be worth a try.