Fierce Health Technology October 20, 2021
Rebecca Torrence

Third-party apps and aggregators that pull data from electronic health record systems may be vulnerable to hacks, putting millions of patient and clinician records at risk, a new report found.

In research published by cybersecurity company Approov, cybersecurity analyst and “recovering hacker” Alissa Knight tested the vulnerability of three production application program interfaces, communication channels that link a mobile app to the server containing EHR data. The APIs use the Fast Healthcare Interoperability Resources (FHIR) standard for healthcare data, containing aggregated data from more than 25,000 providers and payers.

With a single patient login account, Knight was able to access more than 4 million patient and clinician records.

Of the three APIs tested, which serve a network of 48 mobile...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

 
Topics: Apps, Cybersecurity, Digital Health, Health IT, mHealth, Patient / Consumer, Provider, Technology
Notorious Ransomware Gang Warns New Attacks Incoming On Feb. 3, 2025
How Generative AI Is Powering A New Era Of Cybersecurity
7 of the biggest healthcare cyberattack and breach stories of 2024
‘Orgs need to be ready’: AI risks and rewards for cybersecurity in 2025
Healthcare cybersecurity in 2025: 3 things to know

Share This Article