Your Personal Health Data Is Not Safe
PC Magazine|September 2020
Your Personal Health Data Is Not Safe
Electronic medical records are an incredible boon to healthcare.

When necessary, doctors can obtain important information such as your allergies, medical history, and known conditions, which can make all the difference in an emergency. But letting that information fall into the wrong hands could be a serious problem.

Regulations such as HIPAA aim to promote a super-high standard of security for personal medical information, with massive fines for failure. But a fine for security failure doesn’t necessarily create security success. Doctors and medical organizations rely on software vendors for secure systems, and as we’ve seen, software can be buggy. Worse, the medical organizations don’t have the knowledge to use the secure systems correctly and keep them disconnected from insecure systems.

Seth Fogie, Information Security Director for Penn Medicine, performed what he called an on-screen biopsy of healthcare security in the US for Black Hat attendees. It wasn’t pretty.


As Foglie introduced himself, he noted that he had presented at Black Hat 16 years ago on the topic of Pocket PC security abuse. That seems dated today, but as he pointed out, Windows CE and other antiquated, insecure systems are still used in the healthcare industry.

“Patient records are being exploited and sold,” explained Foglie. “There is monetary value.”


You can read up to 3 premium stories before you subscribe to Magzter GOLD

Log in, if you are already a subscriber


Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines


September 2020