mailing list archives
Re: FDA Approves Use of Chip in Patients ? HIPAA woes?
From: Michael Simpson <Michael.Simpson () inveresk com>
Date: Fri, 15 Oct 2004 16:43:13 +0100
The article goes on to mention the fact that an innacurate reading could
be produced in an MRI scan, etc if malware affected the hospital's network
and as a result any databases or devices connected to it. Just illustrates
a need to ensure that health care facilities have tight security to
minimize the issue of tampering of data in order to prevent mis-diagnosis,
And the haha-only-serious thing about this is the fact that the man
responsible for the mess that is that hospital's IT system was then
promoted to be the lead clinician for NHS IT in the country.
You get promoted to the level of your incompetence within the state in UK
In most hospitals in scotland because we expect the POS systems to fail
regularly/ lose data like a drunk losing brain cells, we keep all the
paper systems in place - the courts won't place any trust in our
electronic stuff anyway. **BUT** at yorkhill at that time you couldn't
pass wind without computer based authorisation so having the system down
for that length of time SERIOUSLY impinged on the medical staffs' ability
to do their job.
which means that patients (children) were put in harm's way by IT
Did it change anything,
10 years ago it was all *nix now it is all windows including a hell of a
lot of embedded win95 with "functional" tcp stacks.
Sorry about the ranting but this topic is something that has been getting
on my tits in a big way for some time.
guess which letter i wrote after blaster took the hospital down (again) -
not reported in news at the time but cleverly covered up.
let's not even start about the hospitals that think they are running IPX
but don't know that there is an unprotected inet facing socks proxy
sitting on their gateway leading to an "unknown to IT" IP based network
for playing LAN games on and presumably getting pwned with....
Full-Disclosure - We believe in it.