Shostack + Friends Blog Archive


That’s Funny….

picture of chopped sock that is illustrative of non-amputated foot
Over the last week, I’ve read several things involving poor Lind Weaver. In case you missed it, she’s a 57-year-old owner of a horse farm. She got a bill for the amputation of her right foot. As you should expect if you’re a regular reader here, it wasn’t her. Comic hijinks ensue which conclude with

After weeks of wrangling with the hospital’s billing reps, Weaver finally stormed into the facility and kicked her heels up on the desk of the chief administrator. “Obviously, I have both of my feet,” she told him.

She’s either the victim of an incredible records screw-up, or (cue dramatic organ chords) Healthcare Identity Theft. The articles I’ve read state that it’s the latter, and in fact while it may be comic, it’s no laughing matter. This sort of thing is going to get someone killed.

Many years ago, Stan Kelly-Bootle told us that GIGO means Garbage In, Gospel Out. This is the tendency that data, having passed through a computer, is sanitized and made holy and incorruptible. The Pope is only infallible when he’s speaking ex cathedra, but the an Excel spreadsheet — there’s no arguing with that.

I just have to blink several times that in this day and age when a middle-aged woman calls a hospital up and says, “excuse me, there must be a mistake in this bill for an amputation” that no one thought there might be something wrong. This is the power of the GIGO principle. The old saw that the computer doesn’t make mistakes is still there, people just bite their tongues when they think it.

We also have a Digital Confidence Survey from the Cyber Security Industry Alliance (CSIA) that has lots of pretty graphs and things that I have trouble making sense of.

The Digital Confidence Index is 57. Um, okay. I’m not sure what that means. The CSIA thinks that that means people want more laws about this. I’m not disagreeing, I have my own ideas on what those ought to be.

There’s a nice chart there that tells us that 50% of Internet users “avoid making purchases because I’m afraid my information could get stolen.” There isn’t enough context here. There are plenty of times I have avoided buying something on line for more or less that reason. But if you dig deeper, it was because they wanted me to register and create an account, not because of my personal information itself. I don’t want to have a relationship with them, I want to buy something. Maybe if I buy a number of things, I’ll want to proceed with a relationship, but not on the first date.

Nonetheless, I don’t think this is exactly what is behind that datum. People are still being afraid of the wrong things. Network security could be a lot better, but the best thing you can do to avoid identity theft is to buy a shredder. I don’t have the reference at hand, but last year, 90% of identity theft was from dumpster-diving and so on, not computer problems.

As bad as network security is, the real danger is elsewhere. It’s the same problem as worrying about airline safety as you drive without a seat belt.

But really, isn’t it better that people lose confidence in computers and networks? The way I see it, we have a surfeit of belief that whatever that screen says is right. Identity theft problems can be helped more by realizing that every business process in the world is screwed up and the ones that are computerized are going to be screwed up in zanier ways because there is no human oversight.

Discoveries don’t from from flashes of insight, but from a mutter that starts with, “that’s funny….” We need fewer people in charge of these systems saying not, “our records show you had an amputation on April 31st” and more people saying, “that’s funny….”

Photo courtesy of drea.renee.

2 comments on "That’s Funny…."

  • Computer 91347012 of 2403710000 on the Internet says:

    I think there’s more too it than “the computer is always right,” thought that certainly plays more as technology is pushed down down down to the minimum-wage, no real tech skills, entry-level worker.
    It’s also has to be due in part to the change in business models or reach: the customer base for your average business doesn’t just include Joe who lives in your neighborhood, Mary who is always scowling when she visits, and Bob who always calls 2-3 times just to make sure the order is okay. Why should I trust the customer (who I’ve never seen) more than my computer screen that I use everyday and that holds some power over my evaluations/metrics/etc?
    Further, businesses–especially those that routinely send large bills, such as in healthcare–have to deal with all kinds of fraudsters, excuses, etc, and the pressure is always on the bottom line to “deny the claim”.

  • albatross says:

    Yeah, there’s been this customer-service revolution in my adult lifetime, in which at least half of the big companies with which I do business now use the customer-service model formerly reserved to the DMV and various bureaucracies behind the Iron Curtain. “Please hold, an operator will be on the line” “Due to unusual call volume, we are experiencing delays.”
    How many times have you gotten some odd thing on a bill, called, and had the guy on the other side say “oh, that’s an error, I’ll remove it?” Or been unable in less than an hour to get someone to fix some problem? Inevitably, there’s no way to go sit in someone’s office until they fix it, there’s just some guy in a windowless room in Bangalore with a script and a menu of the five ways he’s allowed to say no to you.
    Bills that are obviously wrong, but which can’t be fixed by anyone who will talk to you on the phone, are just one more piece of this.

Comments are closed.