Fierce Health Technology October 20, 2021
Rebecca Torrence

Third-party apps and aggregators that pull data from electronic health record systems may be vulnerable to hacks, putting millions of patient and clinician records at risk, a new report found.

In research published by cybersecurity company Approov, cybersecurity analyst and “recovering hacker” Alissa Knight tested the vulnerability of three production application program interfaces, communication channels that link a mobile app to the server containing EHR data. The APIs use the Fast Healthcare Interoperability Resources (FHIR) standard for healthcare data, containing aggregated data from more than 25,000 providers and payers.

With a single patient login account, Knight was able to access more than 4 million patient and clinician records.

Of the three APIs tested, which serve a network of 48 mobile...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Apps, Cybersecurity, Digital Health, Health IT, mHealth, Patient / Consumer, Provider, Technology
Related Articles:
Dropzone raises $17M to build autonomous cybersecurity AI agents
Back to Basics: The Role of AI in Cybersecurity
Oracle Announces World HQ Move to Nashville and Its Autonomous Shield Initiative
Oracle launches Autonomous Shield initiative, with eye on cloud cybersecurity
Lessons for CISOs From OWASP's LLM Top 10

Share This Article