Fierce Health Technology October 20, 2021
Rebecca Torrence

Third-party apps and aggregators that pull data from electronic health record systems may be vulnerable to hacks, putting millions of patient and clinician records at risk, a new report found.

In research published by cybersecurity company Approov, cybersecurity analyst and “recovering hacker” Alissa Knight tested the vulnerability of three production application program interfaces, communication channels that link a mobile app to the server containing EHR data. The APIs use the Fast Healthcare Interoperability Resources (FHIR) standard for healthcare data, containing aggregated data from more than 25,000 providers and payers.

With a single patient login account, Knight was able to access more than 4 million patient and clinician records.

Of the three APIs tested, which serve a network of 48 mobile...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Apps, Cybersecurity, Digital Health, Health IT, mHealth, Patient / Consumer, Provider, Technology
Related Articles:
The cybersecurity provider’s next opportunity: Making AI safer
Cyber resiliency in healthcare — 3 roundtable takeaways
National cyber director calls for streamlined security regulations
Hackers Are Using AI Against You: Here Is How To Protect Yourself
How Generative AI Will Change Jobs In Cybersecurity

Share This Article