Years later pagers still leaking PHI and other sensitive information


The Problem

Back in the 80's and 90's it was sort of a fashion statement to have a pager on your hip. Now that cell phones are the preferred method you would have thought that pagers would have gone by the wayside but that is not the case. Some of the most sensitive information is being broadcast in the clear for anybody to listen in on every single day. Hospitals use them because at the high power limits of the radio signal, the message is likely to get to the recipient even when that person has spotty sell phone coverage as 900MHz penetrates into building and other structures much better than 600MHz, 800MHz and higher frequencies used by cell phones.

Patient Data Galore

In many cases this information may include diagnosis, patient vital statistics and we have even seen patient social security numbers, death notifications, room numbers of patients and much more. Like everything else, the problem is one of convenience. Back when pagers took off there wasn't a need to encrypt anything as most of the early pagers simply sent out phone number information. One of the more recent examples of this is when Wikileaks published the pager data from the morning of 9-11 (See news article here).

The problem still exist and in fact is getting much worse as IoT devices are monitored with statuses appearing on pagers somewhere indicating that there is an issue, doctors being called in to treat sick patients with the person paging out health related information and just general traffic.

There are encrypted paging packages out there but nobody is really leveraging them to secure message traffic. You would think as the cost of radio equipment gets lower and lower that people would care but 30 years later the issue still persist. Many other types of sensitive information to include billing information for power meters, location data of radio operators and methods of triangulation abound. For whatever reason people think that this information is secure and a safe way to communicate but we guarantee you that we won't be using pagers any time soon.

#Paging

0 views

Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.