Re:It's time to make the SSN database public (Score 1)

If you have ever been in a hospital, doctor's office, dentist's office, nursing home, or any other healthcare facility, then there is already quite a large number of people who have access to your SSN. In fact, it's typically listed on the front page (face sheet) of the chart conveniently placed near your address history, phone numbers, date of birth, and any other piece of information that might be useful on a credit card application.

People who look at the face sheet as part of their job:

1. Doctors, Nurses, Physical Therapists, Dietitians, PAs, PharmDs, social workers, CNAs, techs, porters, Ambulance drivers/paramedics, and dozens of other professions
2. Students of any of the above mentioned professions
3. Billing, medical records, filing, charge entry, or accounts receivable clerks
4. Scores of other employees at the insurance company end

People who have access to this information when no one is looking:

1. Anyone wearing scrubs or a white coat with a photoshopped ID
2. Secretaries, security guards, volunteers, janitors, inspectors, auditors, office managers, IT people

Yes, I realize that the vast majority of these people would never abuse this information, but all it takes is one person. And while if a pattern of thefts occurs, it may be possible to trace back and identify the culprit based on shared victim characteristics (they all were residents of hospital X), it's really too late by that point. Who cares if the guy is arrested when 1000s of people have had their credit history ruined. Also, a crook could simply bribe different minimum wage clerks at several different healthcare facilities and make it almost impossible to establish a pattern.

It may not be as spectacular as "hacking a database," but rest assured that this information is readily available to any scumbag with minimal social engineering skills (or a half-baked disguise), albeit probably not in the same quantity (it would take a while to photocopy 800,000 face sheets). But keep in mind also that nursing home residents and the like are not exactly the type of people who religiously check their credit report.

There is some hope, however. Many big hospitals are going EMR (Electronic Medical Records), and this should increase security by a good measure. Chances are though that your local family practice is going to stick with paper charts and is not going to lock them up at night (though they are required to by HIPAA and other regulations).