This is the era of electronic health records that are being increasingly adopted taking into consideration their ease of use and capability to ensure superior care co-ordination. For purposes such as medical record organization and creating medical case summary etc. for medical review purposes, EHRs are considered more convenient. However, along with these digital records come the threat of hackers who find it easy to break into computer networks of healthcare facilities and steal valuable information. In 2014, hackers stole not only credit card information and celebrity snapshots, but also a vast number of medical records from U.S. healthcare facilities. Security researchers say that these attacks on healthcare data are bound to become more common in 2015.
Unsecured Computer Networks Increase EHR Vulnerability
The main reason for this vulnerability is that computer security is not given the priority due to it during the transition to an EHR system. As a result, healthcare data has become a sitting duck for cyber thieves. Why are hackers so interested in stealing medical records? These documents contain personal identification information – for instance, social security numbers and even financial and insurance information. This information can be traded to customers who are looking to impersonate someone with the prime purpose of accessing drug prescriptions or bank accounts. Another thing to note is that in this “mobile” age, many devices such as tablets and smartphones are being increasingly connected to healthcare computer networks. This again poses serious threat to sensitive medical data.
Medical Device Vulnerability – Even More Distressing
What is rather distressing is that even medical devices contain vulnerabilities that could help hackers gain access according to some security experts. Some of these shortcomings are:
- Newer devices could have built-in passwords that are difficult to change
- Intentionally disabling passwords to facilitate access for staff during medical emergencies
- Devices that run on obsolete operating systems with no security patches
- Emailing malicious code to hospital staff, which once opened could enter unencrypted medical device software via the hospital intranet and make the devices function erratically
A foolproof electronic health record system is vital to ensure the safety of healthcare data. It is important that patient details stay safe from hackers while also preventing providers from making alterations to suit some ulterior purpose. A clean and efficient EHR system is necessary for more than one purpose – it is vital from the point of view of timely and appropriate patient care, superior co-ordination of care, ensuring absolute safety of patient information, and facilitating easy access to accurate medical data for medical record review purposes.
