Report: Electronic medical records need security protections

Share this content:

Providers and the healthcare industry as a whole need to do more to assess the security risks associated with the use of electronic records systems, a new report from the eHealth Vulnerability Reporting Program suggests.

Commercial electronic health record systems are vulnerable to exploitation given existing industry development and disclosure practices, according to 15-month study conducted by eHVRP, a collaborative of health care industry organizations, technology companies and security professionals.

Some of the findings of the study: System vulnerabilities could be identified using standard tools and techniques; EHR vendors are either not disclosing or inadequately disclosing system vulnerabilities to customers; and no industry organization could be identified that has established guidelines or practices to appropriately manage risks associated with ehealth systems.

The full report will be available at