Anand MuraliJan 13, 2020 14:24:03 IST
Confidential personal health data belonging to millions of Indians are lying exposed on the internet because hospitals and medical institutions have not taken security precautions to safeguard this information.
More than 120 million images — X-rays, ultrasounds, magnetic resonance imaging (MRI) files, computed tomography (CT) scans, endoscopy, mammograms and ophthalmology records — are lying open for cyber-criminals to tap into and sell on the black market, according to a report by Germany-based security firm Greenbone Networks.
Globally, nearly 1.2 billion medical images are lying insecure and open to exploitation.
Image: Pixabay
The data is being exposed through insecure servers known as Picture Archiving and Communication Systems. These servers help medical practitioners easily store and share images but when these systems are connected to the internet without protection, the most intimate details of a patient’s health become exposed to the world.
“It is a notable fact for the systems located in India, that almost 100 percent of the studies allow full access to related images,” the report said.
Tech2 has written to the Indian Medical Association asking for comments. This story will be updated once IMA replies to our email.
Implementation of PACS systems has been growing over the years, as hospitals try and move to a paperless system, but the worrisome part is that the institutes are not paying as much importance to secure these systems as they increase their scope and usage.
| Indian States | Studies | Images | Images Accessible | Studies with image access | Systems per state |
| Maharashtra | 3,08,451 | 6,97,89,685 | 6,97,89,685 | 3,08,451 | 46 |
| Karnataka | 1,82,865 | 1,37,31,001 | 1,37,31,001 | 1,82,865 | 7 |
| West Bengal | 1,72,885 | 34,11,255 | 34,11,255 | 1,72,885 | 2 |
| Telangana | 1,26,160 | 59,97,360 | 1,10,160 | 7,344 | 3 |
| Gujarat | 1,11,408 | 1,39,97,757 | 1,39,97,757 | 1,11,408 | 19 |
| Punjab | 45,973 | 71,56,545 | 71,56,545 | 45,973 | 6 |
| Delhi | 40,709 | 21,05,605 | 21,05,605 | 40,709 | 4 |
| Andhra Pradesh | 17,302 | 4,46,870 | 4,46,870 | 17,302 | 2 |
| Haryana | 10,713 | 15,48,165 | 15,48,165 | 10,713 | 2 |
| Uttar Pradesh | 6,013 | 17,49,150 | 17,49,150 | 6,013 | 4 |
| Madhya Pradesh | 4,329 | 4,32,900 | - | - | 1 |
| Chandigarh | 1,121 | 6,72,600 | 6,72,600 | 1,121 | 1 |
Increasingly, medical records are becoming an important target for hackers, for whom financial records are a top priority. Many times, medical images are stored along with other personal data belonging to patients.
A total of 97 insecure systems were found across India, exposing 121 million image records related to over a million medical studies, Greenbone’s November 2019 report said. This report was updated last week.
Healthcare data is classified as ‘sensitive’ in the draft Personal Data Protection bill, which is being debated by a select committee of both houses of parliament.
A final bill is expected to be ready for the budget session which starts at the end of this month.
Welcome to Tech2 Innovate, India’s most definitive youth festival celebrating innovation is being held at GMR Grounds, Aerocity Phase 2, on 14th and 15th February 2020. Come and experience an amalgamation of tech, gadgets, automobiles, music, technology, and pop culture along with the who’s who of the online world. Book your tickets now.
