How Secure Is Your Health Information? Electronic Medical Record Vulnerability Discovery

Electronic Medical Record (EMR) System vulnerabilities provide an easy target for

hackers to steal valuable personal data. With an average cost to a healthcare provider of

$9.23 million per hacking incident (Ponemon Institute, 2021), EMR vendors need to

work with security researchers to review, discover, and patch these vulnerabilities before

attackers exploit them. While the security community has made some efforts to disclose

vulnerabilities, these efforts are often sporadic and rely on niche feature sets to be

enabled. Security researchers’ limited time and resources need to be focused on the most

used and most likely to be exploited targets in these EMR applications. This whitepaper

utilizes vulnerability exploitation in a popular open-source EMR application to provide

specific areas for researchers to focus efforts on securing the applications that protect this

valuable data.