box10.gif (1299 bytes)








Virus attacks health records in Alberta

EDMONTON – The Alberta government has warned thousands of people that their medical information may have been compromised after a computer virus that normally hits financial institutions was found in the provincial health department’s systems.

Alberta Health Services is sending out letters to 11,582 Edmonton-area individuals whose information on Netcare, Alberta’s electronic health record, may have been captured by the virus between May 14 and May 29. The virus typically gathers information from a host system and sends it out to a predetermined address, said Frank Work (pictured), Alberta’s Information and Privacy Commissioner.

The problem started when an outside computer slipped a new variant of an old Trojan horse program, called “coreflood”, through the security software in their Edmonton network. Alberta Health Services contracts with two of the largest anti-virus firms in the world and neither one had heard of this variant when it struck.

“In the past, [this virus] has been associated with Eastern European gangs and the target has usually been financial information, so we’re a little bit puzzled as to why or how it got into a health information database,” Mr. Work said. He said the information would have included names, healthcare numbers and medical records such as lab results, appointments or diagnoses.

Alberta Health staff detected the virus after finding unusual traffic on the system, said Bill Trafford, the organization’s chief information officer. All Edmonton-area computers have since been swept and the rest of the department’s computers will be cleared over the next couple weeks.

“We’ve cleaned it out,” Mr. Trafford said.

Mr. Work said investigators are still trying to figure out how the virus got into the system.

He said the infection may not have been intentional and may have arrived through someone bringing an infected laptop from home and plugging it in. “There is a good possibility it may have accidentally been introduced into the system,” Mr. Work said. “The virus could have been spread that way without Netcare being specifically targeted.”

Mr. Work said the security breach shows the importance of maintaining strong firewalls for information systems.

Mr. Trafford said there’s no guarantee that even the best system will work every time. But he added Alberta Health will be upgrading its defences. “It’ll likely be a two-step process to connect to our networks. We’ll have an ability to isolate the device if we think it’s not up to standard.”

Posted July 16/09.