Friday, July 10, 2009

Did a computer virus cause an EMR data breach in Canada?

I've been told that clinicians in Canada refer to electronic health records (EHRs) primarily as electronic medical records or EMRs. Here in the U.S., some people differentiate among EHR vs. EMR while others use them synonymously. I'm not going to get into that debate right now.

So, did a computer virus cause a breach in EHR (or EMR if you prefer) data in Canada? According to Healthcare IT News:
"Officials are saying that a virus is to blame for compromising thousands of patient medical records at Alberta Health Services. The virus is said to be a new variant of a Trojan horse program called Coreflood, which is designed to steal data from an infected computer and send it to a server controlled by a hacker. Coreflood captures passwords and data the user of the computer accesses."
If you're using an EHR, I hope you have some robust anti-virus protection on your systems. It's more important to ensure that your software is constantly updating so that you're protected against the latest threats. If your virus database is outdated, then you're not protected. Of course, it also takes some common sense to ensure that you don't open attachments or e-mails that appear questionable at best.

To find some practical computing tips, make sure to visit:

1 comment:

  1. I wouldn't be surprised. Hackers highly value medical record databases as they contain so much personal identity information. Once you've hacked a client on the network, containing an EMR/EHR database, the hacker can install a keylogger to record user id/password and then use those to access the database.