Crypto Investment Entry and Exit Strategies of Institutional Investors
Section: Business
Gematik Acknowledges Security Vulnerabilities in Electronic Patient Records
Wed 29th Jan, 2025
The Gematik organization has recently come under scrutiny regarding its handling of security vulnerabilities in the electronic patient record system (ePA). As reported, Gematik claims it only recognized the seriousness of these vulnerabilities after security researchers informed them that valid practice identities were available for purchase on secondary markets.
According to communications obtained from the German Medical Journal, security researchers alerted Gematik to these vulnerabilities in August 2024. However, Gematik initially deemed these security issues as manageable and acceptable at that time. This assessment has now been called into question.
One of the critical vulnerabilities allows unauthorized access to the ePA system using only a Security Module Card Type B (SMC-B) along with a connector. This can be done without the need for the electronic health card or knowledge of its associated Integrated Circuit Card Serial Number (ICCSN). The potential for mass exploitation has been highlighted, as attackers could iterate through ICCSNs. Gematik had previously assessed the risk of such attacks as low, citing high detection risks and complex execution as factors.
Furthermore, a Gematik executive has indicated that the issuance of practice cards has been tightened through multiple enhancements in the distribution process. In mid-December, it was revealed that security researchers had purchased valid practice identities, including SMC-Bs and PIN codes, from a practice liquidation. This prompted Gematik to reassess the situation, leading to the formation of a security task force aimed at implementing necessary measures.
Despite these developments, it remains uncertain whether these vulnerabilities have been fully addressed ahead of the planned nationwide rollout of the ePA. Currently, all healthcare providers and pharmacies involved in the pilot phase are included on a whitelist, which restricts access to the ePA to a limited number of authorized users.
Custom T-Shirts: Last-Minute Gifts They'll Actually Love
Section: Arts
Oktoberfest in the news: How people around see beer's birthday
Section: Arts
Zero-Down Home Financing: How it Really Works
Section: Business
Factors That Can Strengthen or Weaken USD Against EUR
Section: Business
City Living? How To Install a Window Flower Box That Lasts
Section: Arts
How to Succeed in Your Healthcare Internship: A Step-by-Step Guide
Section: Health
What Expats in Germany Are Playing on Their Phones
Section: Arts
Tesla Launches Robotaxi Service with Limitations
Section: News
X Money: Musk's Platform Eyes Credit Card Services
Section: News
German Private Health Insurance
Health Insurance in Germany is compulsory and sometimes complicated, not to mention expensive. As an expat, you are required to navigate this landscape within weeks of arriving, so check our FAQ on PKV. For our guide on resources and access to agents who can give you a competitive quote, try our PKV Cost comparison tool.
Hospital and Clinic Directory
Germany is famous for its medical expertise and extensive number of hospitals and clinics. See this comprehensive directory of hospitals and clinics across the country, complete with links to their websites, addresses, contact info, and specializations/services.
Upcoming Events
Gärtnerplatz Open-Air: Programm, Termin und aktuelle Infos
One of the most beautiful squares transforms into a summer stage every year for two days. The Gärtnerplatz Open-Air features a free music and cultural program across three stages, as well as street food from local vendors. On Saturday, the main stage at Gärtnerplatz offers something for everyone,...
No comments yet. Be the first to comment!