receives

now browsing by tag

 
 

#schoolsafety | Culver School Board Receives Project Update – WKVI Information Center | #parenting | #parenting | #kids

Source: National Cyber Security – Produced By Gregory Evans

Several projects are ongoing at the Culver Community School Corporation.  Superintendent Karen Shuman gave an update to the school board on those projects on Monday night. “Our roofing project is […]

The post #schoolsafety | Culver School Board Receives Project Update – WKVI Information Center | #parenting | #parenting | #kids appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | US healthcare technology: Move to standardize APIs for patient data access receives mixed response

Source: National Cyber Security – Produced By Gregory Evans


Emma Woollacott

12 March 2020 at 15:38 UTC

Updated: 12 March 2020 at 15:42 UTC

Interoperability rules largely welcomed, but potential privacy and security issues must be addressed, experts warn

New rules giving patients better access to their medical data have been approved by the US Department of Health and Human Services (DHSS) – but experts warn that security may not be entirely sewn up.

Currently, many electronic health record contracts contain provisions that either prevent or are perceived to prevent the sharing of information related to the records in use, such as screenshots or video.

From the beginning of next year, though, health plans doing business in Medicare, Medicaid, CHIP, and federal exchanges will be required to share patients’ health data.

Meanwhile, a new API will allow developers to create apps allowing patients to access their own data, as well as integrating a health plan’s information with their electronic health record (EHR).

“Delivering interoperability actually gives patients the ability to manage their healthcare the same way they manage their finances, travel, and every other component of their lives,” says Don Rucker, national coordinator for health information technology.

“This requires using modern computing standards and APIs that give patients access to their health information and give them the ability to use the tools they want to shop for and coordinate their own care on their smartphones.”

Predatory apps and snake oil warning

The new rules are generally being welcomed – with reservations.

“I’m not sure diving in headfirst by giving patients apps to access their own healthcare records via mobile apps is a good idea,” says Paul Bischoff, privacy advocate for security research firm Comparitech.com.

“Patients might not know what they’re agreeing to when handing over permission to apps to access their health records. This could lead to predatory apps that leverage medical records to sell snake oil.”

Meanwhile, says Tim Mackey, principal security strategist with the Synopsys Cybersecurity Research Center, the nature of the US’ insurance-based healthcare system means that patients may need to be careful about the information they share.

“Given the sensitive nature of medical records, and the potential for a pre-existing condition to negatively influence future patient care, vetting of both app creators and medical data usage in care decisions are concerns,” he says.

“As consumers embrace apps as a proxy for physical identification and their mobile devices as a central store for their most sensitive data, both the security of those apps and the potential for compromise of a mobile device become increasing concerns.”

Much-needed security standard

According to the DHSS, similar apps already exist, in the form of Medicare Blue Button 2.0, which allows patients to securely connect their Medicare Part A, Part B and Part D claims and other data to apps and other tools.

More than 2,770 developers from over 1,100 organizations are working in the Medicare Blue Button 2.0 sandbox, it says, and 55 organizations have applications in production.

But, says David Jemmett, CEO and founder of security firm Cerberus Sentinel, it could be hard to implement a comprehensive security standard.

“As things stand currently, you don’t know if your portal has been checked for security standards unless there has been certification to meet a number of additional standards,” he says.

“Often the code itself goes unchecked and third-party companies can be building them for the interface, but there is no one to go line by line, ensuring security standards are met to certify the software.”

READ MORE EU to give €100bn MedTech industry a security health check

Source link

The post #hacking | US healthcare technology: Move to standardize APIs for patient data access receives mixed response appeared first on National Cyber Security.

View full post on National Cyber Security

Windows 10 Mobile receives its last security patches – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

If you’re one of the tiny contingent still using Windows 10 Mobile, 10 December 2019 is probably a day you’ve been dreading for nearly a year.

As announced by Microsoft in January 2019, it’s the end of life date for version 1709 of the OS, which means that November’s Build 15254.597 (KB4522811) was its last ever software update and therefore its last set of security patches.

After this date, users are on their own, warming themselves in the fading heat of a dying star which began life with some fanfare what seems like a long time ago but was in fact only 2015.

It’s a death that’s been well-rehearsed by Microsoft – Windows 10 Mobile version 1703 users reached this end-of-life moment earlier this year, on 11 June.

From what we can tell, no new Windows 10 Mobile devices were released after early 2016, which means affected devices running version 1709 will be among the following models:

  • Microsoft Lumia 550
  • Microsoft Lumia 650
  • Microsoft Lumia 950/950 XL
  • HP Elite x3 (Verizon, Telstra),
  • Wileyfox Pro
  • Alcatel IDOL 4S
  • Alcatel IDOL 4S Pro
  • Alcatel OneTouch Fierce XL
  • Softbank 503LV
  • VAIO Phone Biz
  • MouseComputer MADOSMA Q601
  • Trinity NuAns Neo

Bad news too for anyone still running the unsupported (as of 11 July 2017) Windows Phone 8.1 which sees the end of its app store support on 16 December 2019. No feature updates, no security fixes and now no software of any kind.