Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: FDA Approves Use of Chip in Patients ? HIPAA woes?
From: Michael Simpson <Michael.Simpson () inveresk com>
Date: Fri, 15 Oct 2004 16:43:13 +0100

snip 

The article goes on to mention the fact that an innacurate reading could 
be produced in an MRI scan, etc if malware affected the hospital's network 
and as a result any databases or devices connected to it. Just illustrates 
a need to ensure that health care facilities have tight security to 
minimize the issue of tampering of data in order to prevent mis-diagnosis, 
etc.

/snip

if?

http://news.bbc.co.uk/2/hi/uk_news/scotland/3174173.stm


  And the haha-only-serious thing about this is the fact that the man 
responsible for the mess that is that hospital's IT system was then 
promoted to be the lead clinician for NHS IT in the country. 

whoop-di-do 

You get promoted to the level of your incompetence within the state in UK

In most hospitals in scotland because we expect the POS systems to fail 
regularly/ lose data like a drunk losing brain cells,  we keep all the 
paper systems in place - the courts won't place any trust in our 
electronic stuff anyway. **BUT** at yorkhill at that time you couldn't 
pass wind without computer based authorisation so having the system down 
for that length of time SERIOUSLY impinged on the medical staffs' ability 
to do their job.

which means that patients (children) were put in harm's way by IT 
management incompetence.

Did it change anything, 

errr..... no.

10 years ago it was all *nix now it is all windows including a hell of a 
lot of embedded win95 with "functional" tcp stacks.

Sorry about the ranting but this topic is something that has been getting 
on my tits in a big way for some time.

http://www.theregister.co.uk/2004/06/25/letters_2506/

guess which letter i wrote after blaster took the hospital down (again) - 
not reported in news at the time but cleverly covered up.


let's not even start about the hospitals that think they are running IPX 
but don't know that there is an unprotected inet facing socks proxy 
sitting on their gateway leading to an "unknown to IT" IP based network 
for playing LAN games on and presumably getting pwned with....



mikie


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault