Computer hacking is not just about technology or just energy.
It extends far beyond these traditional sectors to reach much of the medical sector today.
This article will also interest you: Personal information related to French patients published online
According to Greenbone Networks, a German company specialising in the digital technology wanted to raise a problem with systems archiving some of the medical data, in particular medical imaging, which it feels that it is too easily searchable. This ease of access to this data is believed to be due to the system as a whole is highly vulnerable. And according to the survey by society, some of the systems concerned are located in France. This challenges the security of medical data.
To give its opinion on the issue, the German company, Greenbone Networks had studied approximately 2,300 medical imaging archiving systems, systems that were available on the internet for half the month of July until the beginning of September of this year. From this analysis, it has been shown 590 of the systems in question were freely available, including 39 who were unprotected. A total balance sheet counts us about 24 millions of records from medical archiving systems 52 countries around the world, affected by this vulnerability jeopardizes the privacy and security of data and patients by ricochet. These systems as a whole account for more than 731 million about 400 million of them can easily be downloaded from the internet.
France is particularly affected by this controversy medical data security. Indeed, among the servers medical conditions that have been detected, there are 7 that are located in France, and which have rather grotesque security flaws. Its servers contain at least 2.6 millions of images 47,500 patient files. And all this data is simply accessible on the internet.
The major problem with this security issue is not simply the accessibility of medical data. Security defects also affect patient information simply. Indeed, the images are always accompanied by this information that allows to identify their owners or the recipients. As a result, medical data is not sufficiently protected, patients are not sufficiently protected, who are at the mercy of people who are not always of good will.
Among the information that is disclosed with medical data, it is often possible to have access to patients' names, first names, date of birth and other types of data relating to several examinations that they could have performed, such as dates, types of imaging procedures, the name of a treating physician and the name of the health facility.
moreover, the German company has meant that it has not even used a sufficiently advanced computer technique. This is explained by cohesity's head of Systems Engineering Large Accounts EMEA, who points out: "To carry out their study, Greenbone Networks experts used online tools to discover connected equipment. They simply searched for systems incorporating the DICOM protocol, a technology standard based on TCP/IP used in particular by health care providers for the exchange of medical data.
Suffice to say that this type of research is accessible to as many people as possible, and that a thorough knowledge of information systems is not necessary. So it's an easy win for people who are ill-intentioned. ». He added: "The online availability of highly confidential files demonstrates that organizations and individuals are not fully aware of the risks involved in hosting medical documents on servers accessible from the Internet. ».
Now access an unlimited number of passwords: