Your Medical Records Are Not Safe


Medical records at an Australian medical centre have been held to ransom by web hackers

In a recent edition of Electronic Design Europe my editorial column asks the question; "are our medical records safe from hacking?" Recent news from Australia has answered the question; no they are not.

Patient records held at an Australian medical centre have been infiltrated by hackers who have encrypted the data and are now demanding a ransom to decipher the files and return the content to its original form. The ransom demand is £2500 which is pretty small, but what this scam does is illustrate the ease with which this server attack was carried out.

There is however an unusual aspect to this hacking. Typically they are enabled via a virus attack but in this instance the medical centre had adequate antivirus software in place and is certain the attack was not the result of a virus. This was a straightforward hacking of the medical centre's server and subsequent encryption of medical data.

Keeping It Safe

This just one of many major security concerns surfacing regarding the massive amounts of personal data being generated by electronically enabled health monitoring systems. How and where can this data be safely transmitted and stored are topical questions relative to this?

Cloud computing storage is an obvious answer. Industry experts generally agree that hacking into a Cloud is virtually impossible. So data would be safe. That's fine but what about getting the data to and from the Cloud?

Communication Concerns

This is where a major concern lies regarding patient privacy. We are all monitored when using our computer or mobile communications keyboards but most of what we do, such as personal banking, is reasonably secure. However, the reality is that we are all subject to surveillance by our ISPs and companies like Google. These organisations monitor every keyboard move and this analysis is used to create data that can be employed commercially, for example to increases the effectiveness of marketing campaigns. But what if this surveillance is able to grab medical data and then relay it to insurance companies or to medical supply companies? The implications of this are worrying and could very well require Government legislations to ensure the protection of medical data from attempts to commercially exploit it.

Pay The Ransom

What about the ransom demand being made to the Australian medical centre involved in this latest example of medical record in security? Despite the best efforts of software experts to decode the illegal encryption it looks like the ransom will have be paid; a situation that could have been avoided it adequate encryption of the medical data had employed in the first place

Please or Register to post comments.

What's London Calling?

Blogs on the electronics industry


Paul Whytock

Paul Whytock is European Editor for Penton Media's Electronics Division. From his base in London, England, he covers press conferences and industry events throughout the EU for Penton...
Commentaries and Blogs
Guest Blogs
Jan 26, 2017

An Amateur’s View on the P2 (Part 2): Slew Rate and the Oscillator 3

Justin Mamaradlo takes a further look into the P2 op amp and how it functions, analyzing the oscillation and slew-rate characteristics of the venerable component....More
Jul 15, 2016

Simple Yet Effective ESD Testing Methods for Higher Reliability 11

There are multiple ways to test for electrostatic discharge, ranging from implementing a human-body or machine model to....using a balloon and a comb?...More
Apr 8, 2016

Confabbing on the Fabless Fad 5

High capital and maintenance costs, and EDA advances along with abstractions to deal with chip complexity, have been leading contributors to the fabless migration....More

Sponsored Introduction Continue on to (or wait seconds) ×