How safe is your medical data?

July 1, 2018

Other Blog Entries

Get the latest news on PicSafe and Clinical Photography


You've been subscribed to our newsletter.

How safe is your medical data thumb

An interesting article in The Age and Sydney Morning Herald discusses how healthcare security measures are generally not commensurate with the sensitivity of the data and the incentives that criminals have to illegally gain access to it.

How safe is your medical data

I don’t think the security measures [health care providers have] are commensurate with the sensitivity of that data and the incentives that some criminals may have to illegally gain access to it.

The security on your bank systems is not perfect either, but in general, if you lose money, you can be compensated for that. If your private health information is leaked you can’t undo that damage.

Monash University software engineering lecturer Robert Merkel

The Cisco 2017 Annual Cybersecurity Report agrees. It stated that cyber-extortion is increasing at a rate of 350% per year with "rich" western doctors being prime targets.

From the article in The Age and the Sydney Morning Herald:

Hackers are increasingly looking for weak systems to collect information for intelligence reasons, fraudulent insurance claims, identity theft and "ransomware", where a malicious program stops a user from accessing devices until a payment is made.

As seen on 60 Minutes Australia and 60 Minutes USA, there's an unfixable vulnerability in mobile networks meaning it's easy for hackers to intercept text messages from anywhere in the world. All they need is a phone number.

89% of physicians polled admitted to taking clinical photos on their phones and the practice of then sending them via text message is rife. A hacker can easily intercept messages and threaten to reveal patient data unless they receive an anonymous Bitcoin payment.

  1. A doctor/clinic/hospital is ethically and often legally obligated to notify the patient.
  2. A doctor/clinic/hospital is often required to notify relevant government bodies.
  3. A doctor/clinic/hospital may be issued a fine for using insecure practices.
  4. The responsible doctor may face suspension, dismissal or other disciplinary action for using insecure practices.

The FBI has issued a warning that hackers are actively trying to access patient data to "intimidate, harass and blackmail".

By allowing doctors to take patient photos and encrypting the data on their device before sending them, PicSafe® helps protect doctors from the threat of nefarious actors stealing patient data this way.