Events Calendar

Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
26
27
28
29
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

Events

Latest News

Apr 15: ‘Heartbleed’ Bug Could Affect Health Care Industry, Experts Warn

ehr replacement

Hospitals’ and providers’ online networks — including email accounts, electronic health records and remote monitoring devices — could be vulnerable to an encryption bug called “Heartbleed,” according to security experts, Modern Healthcare reports (Conn, Modern Healthcare, 4/11).

About the Bug

Last week, a Google engineer and another security team discovered the bug and found that it infiltrates systems through a Web encryption program known as OpenSSL, which is used by hundreds of thousands of websites including Amazon and Google (Finkle, Reuters, 4/10). Experts say that hackers could potentially use the program to get sensitive information from:

  • Email servers;
  • Laptops;
  • Mobile phones; and
  • Security firewalls.

Potential Implications

At this point, it is unclear if the nation’s health care providers are especially vulnerable. For example, CynergisTek CEO Mac McMillan said Web networks that rely on two- or three-factor password authentication should be safe (Wicklund, mHealthNews, 4/11).

However, David Harlow, principal of health care law Harlow Group, warned that health groups that do not rely on OpenSSL should be worried about ramifications of the massive breach. He said, “Heartbleed can set back trust in health IT that has been building as it proliferates, and as the protections under HIPAA/HITECH are baked into the policies and procedures of more and more vendors” (Bowman, FierceHealthIT, 4/11).

Further, security vendor Trend Micro in a blog post on Thursday raised concerns about threats to mobile phone applications, such as health care applications that use individuals’ personal and financial data (Vijayan, ComputerWorld, 4/11).

No Threat to Federal Websites, Officials Say

Meanwhile, officials from the Department of Homeland Security noted that the government’s main public websites were not affected by the bug.

Specifically, CMS on Thursday said the vulnerability did not affect consumer accounts on the federal health insurance exchange or the Medicare website, MyMedicare.gov (Sternstein, NextGov, 4/11).

Comments

McMillan said the issue “is huge … it’s servers, it’s appliances, it’s devices,” adding that the bug has been around for about two years and that experts do not know how many breaches may have already happened.

Although government agencies and private companies are rushing to fix vulnerabilities, breaches may not be detected for a long time, if at all.

“It’s going to be a long, long time before they truly understand the scope of this,” McMillan said.

CloudFlare CEO Matthew Prince called Heartbleed “the worst bug the Internet has ever seen,” adding, “If a week from now we hear criminals spoofed a massive number of accounts of financial institutions, it won’t surprise me” (mHealthNews, 4/11). Source

HIMSS Special Part 1: HIT Visionary Zach Fox
Check out industry insight from HIT visionary and DrFirst Executive VP and GM, Zach Fox. Visit DrFirst at HIMSS Booth 6232.
We respect your privacy. Your information is safe and will never be shared.
Don't miss out. Subscribe today.
×
×
WordPress Popup
HIMSS Special Part 1: HIT Visionary David Lareau
Check out industry insight from HIT visionary and Medicomp CEO, David Lareau. Visit Medicomp at HIMSS Booth 3421
We respect your privacy. Your information is safe and will never be shared.
Don't miss out. Subscribe today.
×
×
WordPress Popup
casipoldiyarbetetabetetabetw88w88w88betfokusbetfokuslordbahisparobetparobetbuzbahisbullbahiscasino sérieuxcasino sérieuxcasino sérieuxcasino sérieuxcasino en ligne populairemeilleur site de jeux casino en lignemeilleur site de jeux casino en lignecasino en ligne en francecasino en ligne en francecasino en ligne de confiancebetbinanstwinplayistanbulbahisistanbulbahisistanbulbahisparis sportifs hors arjelonwin üyeliksahabet üyelikrestbet girişpulibetsüperbetinbtcbahiscanlı casino sitelerionline casino1xbet mobilligobet mobilcapitolbetmostbet üyelikbizbet üyelikgobahis girişmatbet girişikimisli girişbordobet girişbetcio girişalfabahisalfabahisbetgoowinxbetwinxbetwinxbetwinxbetbetkanyontaksimbetrexabetrexabetrexabetenobahisbookmaker hors arjelparis sportifs en Italieparier sur les cornersparier sur le nombre de tirsmystake chickenparis hippiques en ligneplinko francecasino diceBetzinoVasyCbetCasino Lucky8betkanyonbetkanyontaksimbettaksimbettaksimbettaksimbetbetistbetistbetistenobahisenobahisenobahisbetkolikbetkoliksmartbahissmartbahissmartbahistrendbettrendbetgamabetgamabetgamabetgamabetaspercasinoaspercasinoaspercasinonisanbetnisanbetnewbahismelbetonbahisbetonredbetonredromabettipobettipobetefes casinobetandreasfixbetbetbababetbababuzbahisbuzbahisbullbahisbullbahisbetsofbetsofall right casinokombinebetbetbinansbetbinansbetbinansmaksatbahisbetbabaorisbetorisbetbizimbahissiyahbethayalbahishayalbahishilbetsantosbettingsantosbettingsantosbettingsantosbettingnerobetnerobetswordbetswordbetswordbetinbahislevabetlevabetlevabetcasiveracasiveracasiverakordonbetkareasbetprincessbetkikbetkikbetkikbetbetmarketbetmarketbetmarketyapbahsinibetingoasyabahishipercasinocasinoperbahisnowsüpertotobetalibahisfaulbetfaulbetrelaxbahisbetingoasyabahiscasinopercasinoperbahisnowbahisnowpiyasabetpiyasabetyonjabetcasinoslotbetibombetibomredwin