One of Australia’s top IT security organisations has warned that the Federal Government’s flagship e-health records project is likely to be broken into, with Australians’ medical and identity information to be used for fraud and other criminal activities.
AusCERT, Australia’s Computer Emergency Response Team, which is not associated with the Government, in its submission to an inquiry about the legislation dated in January (PDF), criticised the Government’s Personally Controlled Electronic Health Records (PCEHR) Bill (2011). In its commitment to protecting the privacy and security of Australian Internet users, AusCERT has expressed concern that miscreants could potentially use the PCEHR for identity theft and fraud. The submission was first reported by the AustralianIT.
AusCERT opines that enabling accessibility to personal identifying information in the form of the PCEHR from personal computers over the Internet will only worsen an ongoing problem that will make Australians vulnerable to fraud and identity theft. The submission focuses on the use of untrustworthy end point computers and mobile devices, which when compromised, will enable attackers exert full control over the PCEHR to look at or change its contents with the same privileges as the owner or authorised users — via redwolf.newsvine.com