Announcements
This ISC2 Community will be decommissioned as of May 29, 2026. Please join your peers and connect with your chapter at https://isc2chapters.isc2.org.
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II
‎09-14-2019 01:30 PM
‎09-14-2019 01:30 PM

How *not* to do patient privacy

Sensitive medical information of patients being admitted to certain hospitals across the Greater Vancouver Area is being broadcast, unencrypted, by hospital paging systems, and these broadcasts are trivially easy to intercept by anyone in the region.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos
1 Reply
CraginS
Defender I
‎09-14-2019 05:45 PM
‎09-14-2019 05:45 PM

@rslade wrote:

Sensitive medical information of patients being admitted to certain hospitals across the Greater Vancouver Area is being broadcast, unencrypted, by hospital paging systems, and these broadcasts are trivially easy to intercept by anyone in the region.

Under US law, that would be a gross violation of HIPAA. Does Canada have a similar patient privacy law? HIPAA fines can be grotesquely high.

 

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
Reply
0 Kudos