Hacking Healthcare Through APIs

February 25, 2021

 – Episode #

38

We’re moving fast.  Digital Front Doors, Remote Patient Monitoring, and Telehealth delivered anywhere on any device.  I can hear my Mom now.  Did you lock the back door?

Whenever we move fast you have to take an extra measure of caution.  Where are we moving fast at the expense of security.

FTA
All of the apps were found to be vulnerable to API attacks, and some allowed access to electronic health records (EHRs). The 30 apps collectively expose 23 million mobile health users to attacks, Knight reported. Of the 30 apps tests, 77% contained hardcoded API keys, of which some do not expire, according to the report, and 7% had hardcoded usernames and passwords.

During her research, Knight hacked into the system of one hospital, changing the values of an EHR by one digit and then was able to access the health records of the patient’s family members and other information that a hospital’s registration desk had captured for a patient. Knight used a hacking tool that looks like it is generating data from a mobile health app.
—-

This doesn’t mean APIs are bad, it means that we have to take care when using them.

This is a good article.  Check it out.
https://www.fiercehealthcare.com/tech/mobile-health-apps-leak-sensitive-data-through-apis-report-finds

More Recent Episodes

Share this clip:

Share on linkedin
Share on twitter
Share on facebook
Share on email

Today's Show Sponsor

Want to tune in on your favorite listening platform? Don't forget to subscribe!

Thank You to Our Show Sponsors

Amplify great thinking to propel healthcare forward and raise up the next generation of health leaders.

© Copyright 2021 Health Lyrics All rights reserved