Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

Philips

AGFA 1400x150

Petal Health

Petal Health 1400x150

Privacy & Security

Experts chide UCLA for lack of encryption

July 22, 2015


James Atkinson

LOS ANGELES – Hackers broke into UCLA Health System’s computer network and may have accessed sensitive information on as many as 4.5 million patients, hospital officials said.

This cyberattack at UCLA comes on the heels of a major breach of federal employee records and a massive hack at health insurance giant Anthem Inc., affecting 80 million Americans this year.

The intrusion is raising fresh questions about the ability of hospitals, health insurers and other medical providers to safeguard the vast troves of electronic medical records and other sensitive data they are stockpiling.

The revelation that UCLA hadn’t taken the basic step of encrypting this patient data drew swift criticism from security experts and patient advocates, particularly at a time when cyber-criminals are targeting so many big players in healthcare, retail and government.

“These breaches will keep happening because the healthcare industry has built so many systems with thousands of weak links,” Dr. Deborah Peel told the Los Angeles Times. Dr. Peel is founder of Patient Privacy Rights in Austin, Texas.

UCLA said Friday that it’s working with the FBI and had hired computer forensic experts to further secure its network.

The university said there was no evidence yet that patient data were taken, but it can’t rule out that possibility while the investigation continues.

“We take this attack on our systems extremely seriously,” said Dr. James Atkinson (pictured), interim president of the UCLA Hospital System. “For patients that entrust us with their care, their privacy is our highest priority. We deeply regret this has happened.”

Atkinson said the hospital detected unusual activity on one of its computer servers in October and began investigating with help from the FBI.

It wasn’t until May 5, according to UCLA, that investigators determined that the hackers had gained access to parts of UCLA Health’s computer network where some patient information was stored.

Those parts of the network contained names, dates of birth, Social Security numbers, Medicare and health plan identification numbers as well as some medical information such as patient diagnoses and procedures.

The unauthorized access could have begun in September 2014, UCLA said, and some of the patient information dates to 1990.

Atkinson said it doesn’t appear that credit card and other financial information was involved.

“They are a highly sophisticated group [of hackers] likely to be offshore,” he said. “We really don’t know. It’s an ongoing investigation.”

An FBI spokeswoman said the agency “is looking into the nature and scope of the matter, as well as the person or group responsible” for the UCLA breach.

UCLA said that prior to the attack on its system it had been taking steps and spending tens of millions of dollars to strengthen its computer security. It added that it has successfully thwarted hacker attacks in the past.

But some security experts were unimpressed. They questioned the lack of encryption at UCLA in light of other breaches across the country. Anthem faced similar criticism over its failure to encrypt the information that was exposed to hackers during its cyberattack.

PreviousNext

CHT print

CHT print

e-Messenger

  • Montreal General unveils advanced surgical centre
  • Infoway announces vendor innovator winners
  • NYGH moves its EHR to Oracle cloud
  • Thunder Bay hospital uses SMS for patient surveys
  • Fundraiser aims to support former CEO of AHS
More from e-Messenger

Subscribe

Subscribe

Weekly blasts are sent each month, via e-mail, to over 7,000 senior managers and executives in hospitals, clinics and health regions. Learn More

Infoway

Infoway

Zebra

Zebra

Zebra

Zebra

Advertise with us

Advertise with us

Sectra KLAS

Sectra KLAS

Stratford Group

Stratford Group

Pure Storage

Pure Storage

Medirex

Medirex

NIHI

NIHI

CHT print

CHT print

Advertise with us

Advertise with us

Sectra KLAS

Sectra KLAS

Stratford Group

Stratford Group

Pure Storage

Pure Storage

Medirex

Medirex

NIHI

NIHI

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 204
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2025 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us