An ongoing study by Greenbone researched the security of Picture Archiving and Communications Systems (PACS) servers used by health providers to store imaging records. In the US, Greenbone security identified 786 million medical images that include at least one piece of personal identification, details of patient names, reason for imaging, date of birth, or ID card. Greenbone security states that some of the data discovered included Social Security numbers or military personnel IDs from the Department of Defense. The data collected in the past few months shows a 60% increase from data in July and September of 2019. The number of images easily accessible on the internet increased significantly in the US, South Africa, Brazil, and Ecuador, while countries like the UK, Germany, and Thailand have completely removed PACS servers from online, making patient data inaccessible via the internet.
Greenbone found that HIPAA controls in the US were largely missing. Greenbone also reported that the total number of accessible imaging and patient data records online without protection has doubled from 4.4 million and 9 million. Greenbone spokesperson stated that they have advised countries to take swift action, and that Greenbone employees did not expect to see more data than before in the second review.
Read More: 1.19 billion confidential medical images available on the internet