Carly Page reports:
Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned.
This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally recognized format for medical imaging. DICOM is used as the file format for CT scans and X-ray images to ensure interoperability between different imaging systems and software. DICOM images are typically stored in a picture storage and sharing system, or PACS server, allowing medical practitioners to store patient images in a single file and share records with other medical practices.
But as discovered by Aplite, a Germany-based cybersecurity consultancy specializing in digital healthcare, security shortcomings in DICOM mean many medical facilities have unintentionally made the private data and medical histories of millions of patients accessible to the open internet.
Read more at TechCrunch.
Maybe it’s time to try to track down HHS’s response to Senator Warner’s inquiries in 2019 as to what HHS had done in response, other than a June 2021 alert.
h/t, Brett Callow