Tuesday, February 16, 2016


Any electronic record is a potential victim of hackers. This includes hospital patient records as well as those now mandated Electronic Records (ERs) that doctors must use and maintain with all their personal information including Social Security numbers.

“Digital security related to medical devices such as pacemakers and MRI machines has become a growing concern.
In 2012, the Government Accountability Office issued a report stating that a number of intentional security threats could exploit vulnerabilities in implantable medical devices and called on the Food and Drug Administration to consider the risks in its approval process”.

The following  news item Tuesday is very scary!.
“A Southern California hospital fell victim to hackers last week — offering a glimpse at one of many digital threats facing health care.  Hollywood Presbyterian is at least the fourth hospital this year to be reportedly affected by ransomware.

Criminals reportedly infected Hollywood Presbyterian Medical Center computers with ransomware — malware that cryptographically locks devices. The thieves have demanded 9,000 bitcoins, the equivalent of $3.65 million, to unlock the machines, according to sources who spoke with Los Angeles television stations.

Though there are no recorded patient injuries or deaths tied to cyberattacks, digital security in hospitals, and, perhaps, more importantly in medical devices such as pacemakers and MRI machines, has become a growing concern in the industry.

When Avi Rubin began taking tours of East Coast hospitals in the 1990s, he found myriad reasons to worry.
Sloppy password protections at computer labs, practices vulnerable to tampering, and drug dispensing robots controlled by software.
“What if something went wrong with that software?” said Rubin, a Johns Hopkins University computer science professor, at the Enigma Conference, a security gathering in San Francisco last month.
“What if someone were attack this system and cause all the drugs to be wrong?”
If those changes weren’t noticed, thousands of people could receive incorrect dosages or medication. They could die.

1 comment:

  1. This doesn't come as much of a surprise. When my late father was hospitalized last year I noticed that each nurse had a cart with a laptop computer which they used for entering everything from a patient's vitals to scanning the barcodes on the patient's wristband and the medications that were administered. When the laptops were low on juice the carts would be rolled to an electrical outlet in the hallway for a battery recharge and often the screensaver would come on. I was surprised the laptops were still using the Windows XP operating system, which Microsoft had stopped supporting several years earlier. The XP logo would bounce around a black screen giving a subtle reminder just how vulnerable the hospital's database of personal medical information was to potential security threats.