A year-long investigation by The Washington Post has found that healthcare is among the sectors most vulnerable to cybercrime.
Partly, says the report, this is because the sector does not address known problems it has with security.
The report quotes Avi Rubin, the technical director of the Information Security Institute at John Hopkins University who says “I have never seen an industry with more gaping security holes”.
However compared with other sectors such as the financial and military, healthcare has been the victim of relatively few attacks but the fear is that number of incidents could rise.
At risk is patient privacy or even, in an extreme case, crucial hospital IT systems.
The report gives the example of OpenEMR, an open-source electronic medical records management system which is well-known in the sector. The system has “scores” of security flaws that make it an easy target for hackers.
Or, in another example, the report points to how the University of Chicago medical center ran an unsecured Dropbox account as a means for new residents to manage patient care through their iPads, using a single name and password published in an online manual.
The nature of the future threat to healthcare was shown last year by a researcher who used a specialised search engine to locate a wireless patient glucose monitor which was linked to the internet and therefore open to hackers.