Presentation – HL7 Insecurities

Presentation – HL7 Insecurities

HL7 Data Interfaces in Medical Environments – Attacking & Defending the Achilles’ Heel of Healthcare

This security research served as a 2-part SANS gold paper examining the insecurities of the HL7 messaging standard. This presentation is a combination of those two papers. HL7 is arguably the most fundamental flaw in healthcare IT. It is used extensively for system-to-system communications and is in nearly every healthcare facility worldwide. The first paper is an overview of what can be done with stolen medical data, what HL7 is, as well as potential dangers inherent to HL7. The second paper moves beyond theory and is an in-depth, technical discussion on ways to attack and defend HL7.

If this topic interests you, both papers are available at the links below.
HL7 Data Interfaces in Medical Environments: Understanding the Fundamental Flaw in Healthcare
HL7 Data Interfaces in Medical Environments: Attacking and Defending the Achille’s Heel of Healthcare

You can also download the papers from the SANS reading room. The SANS reading room has loads of free infosec research on a wide-range of other topics as well!
SANS reading room 



Leave a Reply

Your email address will not be published. Required fields are marked *