Your Medical Records Are Not Safe


Medical records at an Australian medical centre have been held to ransom by web hackers

In a recent edition of Electronic Design Europe my editorial column asks the question; "are our medical records safe from hacking?" Recent news from Australia has answered the question; no they are not.

Patient records held at an Australian medical centre have been infiltrated by hackers who have encrypted the data and are now demanding a ransom to decipher the files and return the content to its original form. The ransom demand is £2500 which is pretty small, but what this scam does is illustrate the ease with which this server attack was carried out.

There is however an unusual aspect to this hacking. Typically they are enabled via a virus attack but in this instance the medical centre had adequate antivirus software in place and is certain the attack was not the result of a virus. This was a straightforward hacking of the medical centre's server and subsequent encryption of medical data.

Keeping It Safe

This just one of many major security concerns surfacing regarding the massive amounts of personal data being generated by electronically enabled health monitoring systems. How and where can this data be safely transmitted and stored are topical questions relative to this?

Cloud computing storage is an obvious answer. Industry experts generally agree that hacking into a Cloud is virtually impossible. So data would be safe. That's fine but what about getting the data to and from the Cloud?

Communication Concerns

This is where a major concern lies regarding patient privacy. We are all monitored when using our computer or mobile communications keyboards but most of what we do, such as personal banking, is reasonably secure. However, the reality is that we are all subject to surveillance by our ISPs and companies like Google. These organisations monitor every keyboard move and this analysis is used to create data that can be employed commercially, for example to increases the effectiveness of marketing campaigns. But what if this surveillance is able to grab medical data and then relay it to insurance companies or to medical supply companies? The implications of this are worrying and could very well require Government legislations to ensure the protection of medical data from attempts to commercially exploit it.

Pay The Ransom

What about the ransom demand being made to the Australian medical centre involved in this latest example of medical record in security? Despite the best efforts of software experts to decode the illegal encryption it looks like the ransom will have be paid; a situation that could have been avoided it adequate encryption of the medical data had employed in the first place

Newsletter Signup

Please or Register to post comments.

What's London Calling?

Blogs on the electronics industry


Paul Whytock

Paul Whytock is European Editor for Penton Media's Electronics Division. From his base in London, England, he covers press conferences and industry events throughout the EU for Penton...
Commentaries and Blogs
Guest Blogs
Nov 11, 2014

How to Outsource Your Project to Failure 4

This article will address failure to carefully vet a potential manufacturing or “turnkey” partner and/or failure to transfer sufficient information and requirements to such a partner, a very common problem I have seen again and again with my clients over the years, and have been the shoulder cried upon by several relatives and clients in the past....More
Nov 11, 2014

Transition from the Academe to the Industry Unraveled 1

There have been many arguments here and there about how short-comings of universities and colleges yield engineers with skill sets that do not cater to the demands of the industry. There have been many arguments here and there about an imminent shortage of engineers lacking knowledge in the sciences. There have been many arguments here and there about how the experience and know-how of engineers in the industry may vanish due to the fact that they can’t be passed on because the academic curriculum deviates from it....More
Nov 11, 2014

Small Beginnings 5

About 10 years ago I received a phone call from an acquaintance. He had found a new opportunity selling some sort of investments and he wanted to share it with me in case I was interested. Ken had done fairly well for many years as a contract software developer primarily in the financial services sector. His specialty was writing RPG code. (RPG is often referred to as a write only language.) But he was seeing the handwriting on the wall as the industry moved on to other methods, and saw himself becoming a fossil....More

Sponsored Introduction Continue on to (or wait seconds) ×