AusCERT warns e-health records can be hacked


By GovTechReview Staff
Tuesday, 08 May, 2012



Australia’s emerging personally controlled e-health record (PCEHR) system will be a target for hackers keen to harvest its sensitive personal information, computer emergency response team AusCERT has told a Senate inquiry.

No matter the protections put around the PCEHR records themselves, an AusCERT submission said the design of the system to allow secure Internet access was misleading because consumers accessing their information online would leave their personal data open to compromise.

Risks could arise “if individuals do not understand the risks to their e-health record online when using a computer which is not properly secured,” the organisation’s submission noted, warning that the government “is promoting the benefits of PCEHR over the Internet on the basis that it will be secure...These statements cannot be assured and are misleading.”

A stronger focus on endpoint security would be necessary to meet the government’s assurances of data security, the organisation warned, noting that efforts to date have mainly focused on back-end security.

Related Articles

Managing data breach risk in the public sector

A consistent, high standard of personal information handling practices is needed to meet...

Cloud reluctance creates data risks for government

Agencies must accept the need to shift to the cloud and therefore choose a solution that properly...

Audits find some SA councils have lax security

South Australia's Auditor General has uncovered a range of deficiencies in the IT security of...


  • All content Copyright © 2021 Westwick-Farrow Pty Ltd