Healthcare IT Security

July 5, 2006

The(Doctor )is logged in …

Filed under: Health Informatics, Medical Informatics, Privacy, Security, Software Engineering — healthcaresecurityguy @ 1:36 am

Business week last week contained an article on telemedicine. Its not first time this has cropped up in books “The world is flat” too has similiar references. As with any services in knowledge economy the work tends to float towards where there is cheap labour. It appears to me that there are a few things that mihgt have been overlooked. For starters that would be the privacy of the patient. Yet another one would be the threat to which the patient is exposed due to bugs in software. How about security of the software, it would be an interesting target for anyone from petty criminals to intelligence agencies….the rest is left to your imagination. I am sure inspite of all the risks this sector would grow..


June 27, 2006

PET 2006

Filed under: Cryptography, Medical Informatics, Privacy, Security — healthcaresecurityguy @ 10:50 pm

Privacy Enhancing Technologies Workshop is going to be held in Cambridge. One of the speakers dropped by to give a presentation on Protecting Privacy with the MPEG-21 IPMP Framework. Interesting thought DRM framework used for providing privacy :-). I guess the key here is what is the driving force, is it the economic forces or need for privacy. One thing is clear, objectives of DRM and providing privacy are different. Interesting intiative..end result ..well wait and see…

June 18, 2006

NHS IT program in news again

Filed under: Health Informatics, Medical Informatics, Privacy, Security — healthcaresecurityguy @ 1:26 am

NHS and its overpriced overdelayed IT program has come to public attention again for the wrong reasons. Interestingly enough, in a country where ID cards caused so much heated debate, this has remained under the radar. All major IT projects in UK have failed in the past, this is very well known. The patient data of millions of NHS patients would be put into an untested system. The implications of it are to be seen. The price which NHS patients would ultimately might have pay might be those of thier lives only time could tell.

June 9, 2006

UK government interested in security and privacy of patient data ?

Filed under: Health Informatics, Medical Informatics, Privacy, Security — healthcaresecurityguy @ 12:22 pm

 I happened to attend Trustguide workshop, an intiative by industry and goverment of UK ( DTI). The feed back from this supposed to go back to folks who make policies, interestingly enough we were asked what do u think about NHS IT. The folks in the room, mostly Phd students in ISG didnt seem to think it was a great idea. And the mediator/presentor seems to think the same. Hope the voices of concern reach someone in power who cares about this.

May 8, 2006

Hacking health

Filed under: Health Informatics, Medical Informatics, Security — healthcaresecurityguy @ 1:22 am

An interesting talk on Electronic Patient Records in The Netherlands. The bittorrent to the whole lecture is available so is the slides, very interesting observations from who doenot claim expertise on either healthcare or security.

April 7, 2006

Health privacy

Filed under: Health Informatics, Medical Informatics, Privacy — healthcaresecurityguy @ 6:26 am

An interesting article about health privacy titled Protect Your Health Privacy

March 17, 2006

Open Source vs. Commercial Software in healthcare

Filed under: Health Informatics, Medical Informatics, Security — healthcaresecurityguy @ 12:29 am

I had posted my thoughts on open vs commercial software in healthcare. I found an interesting post in Healthblog,you could guess, where the blog is from. Interestingly enough there is reference to security of Vista EMR ( look who is talking ). Assuming that level of security provided remains at current levels, I would be suprised if there are no serious implications to privacy and security if a transition to so called commercial OS and applications.

March 16, 2006

How about computer viruses infecting you ?

Filed under: Health Informatics, Medical Informatics, Security — healthcaresecurityguy @ 3:40 pm

An interesting post on slashdot set me thinking. RFID’s are used in medical procedures, what would that mean, computer viruses infecting humans ( with RFID’s). The acceptance of RFID’s has raised few eyebrows regarding privacy more interesting events may be on the horizon

March 7, 2006

Accidental auctions of medical records ….

Filed under: Medical Informatics, Security — healthcaresecurityguy @ 6:55 pm

Another incident of sensitive medical health records being revealed apparenlty from a report that apppeared in canadian press “A man who purchased 41 tapes from the B.C. government found himself the unexpected owner of 77,000 personal medical files.” The solution possibly lies in trusted computing .

Blog at