Healthcare and security breaches regarding “My Health Record”

Comments are off
Marcelo Orlandi
Healthcare and security breaches regarding “My Health Record”

By now, you have probably heard of all the noise about My Health Record and people trying to opt-out. In addition to that you may not have heard about the portal and its concerns about its privacy.

If you haven’t, since July 16 all Australians will have three months to opt-out, or a My Health Record will be created for them by the end of 2018.

Are you aware that a number of third-party health apps will be able to show patients their My Health Records, data, but not store them?

Perhaps public concern about privacy controls on this new platform is the main reason they starting to opt-out.

Half of the healthcare CISOs (Chief Information Security Officer) have admitted suffering a security breach in the last 24 hours. This does not help to reinforce the concept of people not opting out from the new My Health Records. David Braue from CSO states that only 65% of those healthcare organization had a formal business or governance plan that included managing cybersecurity issues. From all those organizations, 22% said they were continuing to store and manage healthcare data using end-of-life systems that had no vendor support. This means new vulnerabilities not being addressed through vendor patches and updates. For example, systems running on old Microsoft Windows XP or even Microsoft Windows 2000 versions.

As you can clearly see, patching and keeping systems up-to-date is important, independently of your business, from a healthcare organization up to a sole-trader who run a business from a laptop: everybody and every device is important.

Be safe out there, until next Malware Monday.