AusCERT warns e-health records can be hacked


By GovTechReview Staff
Tuesday, 08 May, 2012


Australia’s emerging personally controlled e-health record (PCEHR) system will be a target for hackers keen to harvest its sensitive personal information, computer emergency response team AusCERT has told a Senate inquiry.

No matter the protections put around the PCEHR records themselves, an AusCERT submission said the design of the system to allow secure Internet access was misleading because consumers accessing their information online would leave their personal data open to compromise.

Risks could arise “if individuals do not understand the risks to their e-health record online when using a computer which is not properly secured,” the organisation’s submission noted, warning that the government “is promoting the benefits of PCEHR over the Internet on the basis that it will be secure...These statements cannot be assured and are misleading.”

A stronger focus on endpoint security would be necessary to meet the government’s assurances of data security, the organisation warned, noting that efforts to date have mainly focused on back-end security.

Related Articles

Demystifying zero trust for government

As zero trust becomes more central to ICT environments, it needs to be considered not just as an...

Cyberwarfare 2025: the rise of AI weapons, zero-days and state-sponsored chaos

Nation-states and rogue factions are rapidly integrating cyber attacks into their military...

Phishing‍-‍resistant MFA: elevating security standards in the public sector

Phishing remains a significant issue for government agencies, and current MFA solutions often...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd