Virus blamed for EHR breach in Canada

By Molly Merrill
10:39 AM

Officials are saying that a virus is to blame for compromising thousands of patient medical records at Alberta Health Services.

The virus impacted AHS' network and Netcare, Alberta's electronic health record, from May 15-29 before it was detected and removed, said officials.

The virus is said to be a new variant of a Trojan horse program called Coreflood, which is designed to steal data from an infected computer and send it to a server controlled by a hacker. Coreflood captures passwords and data the user of the computer accesses.

AHS has identified two groups who are potentially at risk - patients whose health
information was accessed in Netcare through an infected computer, and employees who accessed personal banking and email accounts from work using an infected computer.

Officials are sending letters to the 11,582 patients whose information may have been exposed and have notified all affected employees.

Privacy Commissioner Frank Work says this does not necessarily mean Netcare itself has been infected by the virus. He says the virus may have captured patient data accessed through Netcare from an infected computer and sent it to an external party.

"While it appears the risk to patients is low, viruses don't discriminate and this is an important message to everyone about the need to run up to date anti-virus software", says Work.

The Office of the Information and Privacy Commissioner has launched an investigation,  and Work says he is expecting a full forensic report from Alberta Health Services on how this happened and what steps will be taken to prevent future breaches.  

"AHS responded quickly when the virus was detected and steps have been taken to notify users and patients with advice on what they should do to protect personal and health information," he said.

Top Story

EHR contract with Epic

UI Health in Chicago EHR project bidding case will now go to the state ethics board for review. Photo via UI Health