4.4M Medical Imaging Files Exposed Online, New Report Finds

The healthcare industry has gone under a massive structural and operational change over the last few decades. Most of its conventional ways of operations have now been replaced with the latest innovations and technologies, and the healthcare sector is showing a growing trend of adopting more of it.

Hence, the operations and the functionalities of the healthcare sector have now become dependent on digitally preserved data and not the manually maintained records. Though data management has made the security of health sector information safe and secure, the latest findings of Digital Shadows have triggered the necessity of further revisions.

According to its latest report, almost 4.4 million medical data has been exposed through several online file repositories. This hammers the bells of alarm of the industry and makes room for further provision of data protection to keep the important and private data safe and secure.


Last year, this number was almost half, and within a year, the data leakage has doubled, making the health care sector more vulnerable. The sources furthered ensured that almost 4.7 million data was uncovered, and most of these were DICOM. The huge gamut also has HIPPA healthcare transaction format X12 and Health-Level 7 files.

The photon team of Digital Shadows has found out this enormous volume of leaked data indicating at colossal damage for the related industry.

The Impact Of Data Leak On Health Care Industry

Every medical identity theft comes with an additional cost. The clients and patients, who become a victim of this crime, often end up paying extra money to replenish the damage. Hence, the cost of medical care gets increased with every data leak.

The general trends show that most of the data theft victims don’t even get to know about their condition. The intimations from the healthcare providers, which should have been prompt often, are delayed, and for some cases, studies revealed that the victims did not know about the data theft for three months after it took place. A staggering 30% of the victims remain void of the knowledge about the theft of their medical data for long.

The consistency of the healthcare sector gets disrupted in case of data theft. When such an incident happens, and the victims get to know about the same, most of the consumers take the healthcare service providers to be responsible and intend to opt for some other service provider. This can also mean a loss of faith in a service provider. Hence, if more cases of data theft get reported across the industry and health care service providers, the dependence of people on these services would come to a bottleneck making the future of this sector vulnerable.

Another issue with the data theft problem is that privacy is hindered. Though the financial replenishments can cover certain areas of damage, the privacy of the data can never be restored when it gets leaked once. Medical data deals with several sensitive parameters that people consider to be strictly private. Hence, a single leak can lead to a loss of every bit of privacy associated with the data.

To combat such situations, the Digital Shadows has suggested some method to prevent reoccurrence of any such incidence.

Digital Shadows has suggested Amazon S3 Block Public Access decrease the public exposure of the data that are supposed t be private and confidential. For secured log-in processes, Digital Shadows has further suggested the use of AWS so that no trespasser can get into the system.

According to the suggestions of the 445 ports and 139 ports from the internet should be blocked. The organizations should also implement the use of IP Whitelisting to ensure that only the authorized systems can access the data, and the log-in process must remain protected with a username and a complex password hard to crack.

Try to disallow external connections by blocking port 837. This will protect the data from random external threats.

To your existing FTP, add the updated SSH file transfer protocol to enhance protection. SFTP allows SSH encryption to the protocol making it safer.

NAS drives can also be placed internally behind a firewall. To prevent access to unwanted elements, access control lists should use as well.

Data leak is not a country-specific problem. The issue has become common for all the countries using technology for keeping healthcare information and records intensely. A huge share of data is getting leaked daily, putting the future of the industry at stake. Hence, it is time to deal with the matter seriously and carefully to keep the healthcare sector out of its grasp.

sepStream® offers affordable and efficient solutions for keeping all the medical reports safe and secure. The advanced technology used to keep the data safe makes the process fortified and void of any element of risk. Customer satisfaction comes first for us, and we deliver nothing short of the best.