#IoT #DDoS loophole? Do You Still Trust The Internet?

Cyber-warfare – Yesterday a massive DDoS attack took down a large portion of the Internet, leaving sites offline or at dial-up speed. At first it was thought that the issue had been neutralized; however, as midday approached, another massive attack rendered major sites unavailable. The attack was targeted at a major domain DNS server provider, but the ramifications of the attack were seen to be much more substantial. Sites like Twitter, Netflix, Reddit, PayPal, Kijiji, Pinterest and even the entire PlayStation Network were down or struggling. This was only a small portion of the list. At the moment we still do not know who initiated the attack; however, it’s thought that IoT (Internet of Things) devices may actually be an accessory to the crime. With so many providers affected, we now need to take time to analyze how this may affect online EMR providers in the future. Can IoT malware attacks and other types of attack render cloud-based applications offline? How does this affect patient care?

To read more about the attack that shut down a large portion of the Internet, click on the links below:

https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/

https://threatpost.com/mirai-fueled-iot-botnet-behind-ddos-attacks-on-dns-providers/121475/

Where Cloud Security Falls Short

Although many enterprises have user access security measures in place, both on-premises and in the cloud, they may not have enough, warned the Cloud Security Alliance in a new report.

The report, “Identity Solutions: Security Beyond the Perimeter,” was released April 21. It’s based on 325 online interviews conducted worldwide by the CSA. The findings revealed “no significant differences in security solutions used” between respondents who reported a breach and those who didn’t, according to the report, which was sponsored by Centrify, maker of identity security tools for the enterprise.

When asked in the CSA survey if their company had ever reported a data breach, 17% of respondents said yes, 26% said they were unsure, and 57% said no. Of those who said their company had reported a breach, 22% said the breach was caused by compromised credentials.

Read more at http://www.informationweek.com/cloud/identity-management-where-cloud-security-falls-short/d/d-id/1325238

Seems that confidence in the cloud is starting to wane…

With the “cloud” becoming ever more prevalent, it is increasingly coming under attack. It has become the option for malware creators who want to create havoc. The question is, “How safe is your data from online predators?” Will you become liable for a breach? Read this great article from Forbes magazine below.

How To Determine If You Can Trust Cloud Security

Will 2016 be the year security stops being a reason to avoid public clouds? Because, face it, by now established cloud vendors have likely invested more in security than you can hope to duplicate in-house. But when you’re used to pulling your own security levers, how do you let go of some of that control?

What we need is the cloud security version of a trust fall.

You may have taken part in this team-building exercise: You fall backward into the arms of a coworker while trusting that they’ll catch you before your khakis-clad behind hits the ground. It’s easier to take that plunge when your colleagues have given you reasons to trust them: They step up when you need a hand at work, they have built a solid reputation, they have your back when things go awry.

Read more at http://www.forbes.com/sites/oracle/2016/04/19/how-to-determine-if-you-can-trust-cloud-security/#11c297406c78

Why big data means big changes for personalized healthcare

In 1986, a person with lung cancer would be linked to approximately two types of disease. After the genome sequencing was completed in 2003, the medical community was able to find seven other molecular diseases associated with lung cancer, and there are more to be discovered.

The access to new molecular data meant people had an increased chance of surviving lung cancer, whereas before the disease was considered a death sentence.

The original human genome project took 13 years to complete the sequence of chemical base pairs which make up human DNA, at a cost of $3 billion. Today, this same process takes two days at a cost of roughly $15.

At the SAP Spotlight Tour earlier this week, healthcare professionals from CancerLinq, the Stanford University department of medicine and SAP’s own chief medical officer made a plea for more patient data to be made available in an effort to gain new insights for healthcare. The ultimate goal of this effort is to provide personalized medicine and treatment.

Read more: http://www.itworldcanada.com/article/why-big-data-means-big-changes-for-personalized-healthcare/379274#ixzz3u8EWcEkv
or visit http://www.itworldcanada.com for more Canadian IT News

What is your appetite for risk with your patient data?

Is your cloud (online web-based) application vulnerable to hackers? Do you even know if the OpenSSL security flaw and bug affected your important data? Are you paying attention to your investment? Or do you even care?

With many moving full steam ahead with cloud-based solutions, recent developments have cast a slight shadow on the security of patient data and on how much risk a medical practitioner is willing to take with personal medical information in the cloud.

When you visit the doctor, nurse practitioner or other health professional, a trust is developed whereby your confidentiality is respected and observed. As a patient you assume that all efforts are taken to uphold that trust. You assume that your personal medical data is secure from the prying eyes of others. However, do you really know if your personal information is safe? It’s amazing to know that so many regular individuals in Canada assume that their personal information, located within a doctor’s office, is 100% safe and secure. But what happens if they find out that there was a breach in security? What happens if a patient came to view results of something extremely important, only available within your EMR or medical software, and your “Internet” connection is down? What do you tell the patient? Are you certain that your medical information is safe?

Read: Cisco and Heartbleed, A Class Action Lawsuit In The Making (Seeking Alpha)

Although the term “online web based billing software” is the new buzzword, not all solutions have to be cloud-based. Many use terms like “bill from anywhere” or “use any web-browser”, yet there are alternatives which still allow you to be in control of your data. Many companies will never tell you how often their networks are down. Fear is used to scare individuals into thinking that their equipment is safe with their company. “99% up-time” is the standard default line for most online and cloud providers. However, as a medical professional, you assume the risk to your reputation and medical license. Patients believe that “you” and your medical practice are entrusted with their personal medical and critical information. We all know that once trust is broken it is often difficult to repair.

Good luck trying to blame your technical problems on others when your cloud application is down (offline), your web-based provider was hacked (losing personal patient information) or has even disappeared with your data (bankrupted). Some comments from online vendors are shown below.

“Sorry about that folks, someone literally drove over our Internet connection this morning and ripped it from the pole. Everything restored.”

“The six-hour outage of Cerner’s network late last month has raised fresh concerns about cloud hosting of patient records.”

“Target ignored its own alarms—and turned its customers into victims of an epic hack” (Bloomberg Businessweek)

“EBay initially believed user data safe after cyberattack” (Toronto Sun)

If your medical patient records are in the cloud, ask yourself the following questions.

  1. Who actually has your data?
  2. Where, on planet Earth literally, is your data located?
  3. Are their cloud servers in Canada? The U.S.? Overseas? Or in an undesirable location in another country?
  4. If your patient data is in a foreign country what laws govern access to that information?
  5. Who is actually looking at your entrusted patient data?
  6. What is the risk and liability to your medical practice?

When choosing a vendor for your medical software, never assume that the data is within their office. Ask questions first and never assume. Servers could be anywhere.

“If the cloud that hosts your data has servers in a foreign country, the laws of that foreign country may govern your data when stored in that server.”

Think of a more balanced approach to medical file management and health records. There are options for mobility that will not compromise your medical data. Just because it looks cheap, bleeding edge and downright “cool”, does that make it the best solution for you?

You can survive without your Facebook page, even Microsoft Word online, for a while, but what about your medical records, lab reports and more, in relation to your office or hospital? Under some certifications and requirements today, an EMR is considered a medical device, which must operate and function in a specific manner. If medical records and software were like a pacemaker, how much risk would you take?

#Heartbleed bug exposes #OpenSSL project’s meager resources

By Nicole Perlroth

The Heartbleed bug that made news last week drew attention to one of the least understood elements of the Internet: Much of the invisible backbone of websites from Google to Amazon to the FBI was built by volunteer programmers in what is known as the open-source community. Heartbleed originated in this community, in which these volunteers, connected over the Internet, work together to build free software, to maintain.

What makes Heartbleed so dangerous, security experts say, is the so-called OpenSSL code it compromised. That code is just one of many maintained by the open-source community. But it plays a critical role in making our computers and mobile devices safe to use.

“This bug was introduced two years ago, and yet nobody took the time to notice it,” said Steven M. Bellovin, a computer science professor at Columbia University. “Everybody’s job is not anybody’s job.”

Read more at:
http://economictimes.indiatimes.com/articleshow/33958360.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst