insurance, folder, files, medical, dental, health

It started out as a data breach like many others. The hackers penetrated the computer network of a small medical practice in a wealthy suburb of northern Illinois, the Surgeons of Lake County, and broke into a server containing email and electronic medical records. But instead of sneaking out undetected and selling the stolen data on the black market, they took a novel tack -- encrypting the data and posting a message demanding a ransom payment in exchange for the password.

The move from fraud to extortion in cases of data compromise is frightening for several reasons. First, it suggests that the criminals knew exactly what they were doing, and that they deliberately targeted digital medical records as part of a well-planned strategy -- an approach that we can expect to see employed more frequently as the digitization of records and broadening of access become the norm in the health care industry. Secondly, this M.O. implies a tremendous confidence in the criminals' power to disrupt -- and a calculation that the illicit return on investment from blackmail would exceed the price that the data would command on the black market.

All of this is ultimately made possible by the digitization of medical records and the placement of those records on networks, often unprotected ones. It gets you thinking: Would you post your medical records to your Facebook profile? Share a CAT scan via Instagram? Discuss your prescription history with your network on LinkedIn?

Not likely. Even if every single one of your Facebook "friends" really is a friend, the idea of such personal information falling into the hands of strangers is hard to stomach -- especially if those strangers happen to be criminals looking to make a quick killing and you are the roadkill.

But what if the server where that information is living belongs not to Facebook or LinkedIn but to a health information exchange -- a computer network designed to put your medical information and that of millions of other patients within easy reach of medical professionals throughout our nation's health care network?

The truth is that it may be there already, whether you know it or not. At least 255 health information exchanges exist across the United States so far, including 17 each in New York and Texas, 12 in Florida and 10 each in California and Michigan, and that number is increasing at a steady clip. Their growth has been spurred partly by federal grants awarded to incentivize medical professionals to participate in and promote the ongoing makeover of the health care system, and partly by the obvious efficiencies inherent in such a centralized and frictionless approach.

In a perfect world, this would not be a problem, and could be a solution. Tremendous benefits can be derived from having a patient's medical data available to practitioners throughout the health care network -- from general practitioners and pharmacists to surgeons, radiologists, lab technicians and emergency response teams. To have current, accurate and reliable data about a patient's medical history just a click away -- whether the matter is urgent or routine -- will save money, time and, of greatest import, lives.

If you doubt that last assertion, consider this: It has been estimated that a million and a half people are hospitalized annually in the United States due to adverse reactions to wrongly prescribed and overprescribed medications, and some 100,000 die each year from adverse reactions to wrongly prescribed drugs. How many of those deaths and hospitalizations might have been avoided by having an accurate patient record close at hand? When you reflect on the full range of medical errors that take place each year due to missing or inaccurate patient data -- from unnecessary surgeries to under-the-radar cancers -- the value is clear.

Then again, in a perfect world, a shopkeeper could stock the shelves, post the prices and leave for the day -- secure in the knowledge that people are honest and will pay for whatever they take.

This is not a perfect world. And that is why some people find health information exchanges so scary.

Unfortunately, not everyone follows the core precept of medical ethics first stated by the Roman physician Galen: "First, do no harm." Indeed, our society has learned the hard way that where there's a weakness, there's a weasel waiting to exploit it. And a database brimming with sensitive data is exploitation waiting to happen.

We all know that digitized health records have long been a target for identity thieves, and the list of major data breaches involving hospitals and other health care facilities is a long one. In fact, as Bloomberg reported recently, medical providers suffer more breaches than any other type of organization, with an astonishing 690 data breaches involving 23 million records since 2005. One recent glaring example is the University of Texas MD Anderson Cancer Center in Houston, which has had three data breaches involving patient information because of a lost thumb drive and a couple of stolen laptops.

The Surgeons of Lake County scenario is frightening, in part because it can be (and has been) applied far beyond the world of medical records -- in the private sector, certainly, but also in government. Imagine a wave of database kidnappings-by-encryption that target not just health information exchanges and other medical practices but also banks, insurance companies, government agencies and even military facilities. Clearly, such a scenario must be avoided, even if that requires significant changes in the way we store, transmit, use and protect sensitive digital information.

Even within the realm of health care, however, we are seeing early signs of a potential catastrophe, one that will be difficult to avoid precisely because the case for digitizing and centralizing medical information is so strong at every other level. The digitization of medical records may make a whole lot of folks queasy, but it is also smart and efficient, offering a huge opportunity to save both money and lives. It is, in fact, inevitable. Unfortunately, so are data breaches and the identity compromises that will follow.

Click here to become a fan of MSN Money on Facebook

We need to be deadly serious here, because we're not talking just money anymore. Lives are literally at stake. Up to now, the federal government has taken a hands-off position with respect to the workings of health information exchanges, leaving it up to the states to determine how patients' data will be treated and whether they will even be told their information is being shared or are given the choice to opt out. Even when patients are brought into the loop, they must balance the privacy advantages of opting out against the medical risks of being outside the system -- and thus losing the advantages of more rapid and accurate diagnosis and treatment.

No patient should have to make such a life-or-death choice. As our society moves toward digitization and sharing of a wide range of extremely sensitive data, it is essential that we find approaches to information security that rest on a solid foundation, enabling technological and social advances while protecting both individuals' privacy and our institutions' security. Wishful thinking won't cut it. Neither will complacency. If digital information is the bedrock on which our society now rests, we have some serious work to do. If we don't do it, there's a shaky, scary future ahead.

So far, all we think we know about the Lake County incident is that no ransom was paid, the server has been shut off, the police are involved, the patients have been notified, and credit monitoring has been offered to those who face exposure in one form or another. We don't know if the hackers made copies of the files before they encrypted them and have already sold them on the black market, if the server was backed up, and/or if the data was destroyed. Anyone clever enough to pull this off is smart enough not to begin using the data for a while anyway. We don't know if other businesses in the area were hacked as well.

What we do know is that this isn't the first hacking-for-ransom incident, nor will it be the last.

I support digitization, provided the prime directive is security and not simply convenience. I, for one, do not feel a whole lot of comfort walking into my doctors' offices and seeing a wall of open filing cabinets filled with patient files ripe for the plucking by an opportunistic passer-by, an unscrupulous employee or an unwelcome nighttime visitor. Do you?

More from