Many types of databases used for EHRs are vulnerable to leaking protected information, regardless of their encryption status, according to a study from Microsoft.
Researchers found that sensitive information, including sex, age, race, hospital admission information and other medical data, was able to be accessed and stolen using four types of cyber attacks explored in the study.
The researchers conclude that, considering the reality of frequent cyberattacks on networks hosting EHRs and other patient data, the types of encrypted database systems they studied and found vulnerable to attack should not be used for storing medical information.