We come across care organizations that are using tools like WhatsApp as a supplemental communication service to their EHR.
We do NOT recommend this!
Recently, it was found out that WhatsApp has a massive security flaw that has the potential to negatively affect anyone using the app.
The flaw does not lay within the encryption but critically, before the encryption is ever applied. A malicious user can affect the context of any message to anyone making it look like a private message when it is actually a group chat with unknown users.
This "spoofing" has already been used for many malicious hacks like sending embedded malware in an unsuspecting link. Users are more prone to click on the link and activate the malware because they believe it to be coming from a friend.
Clicking on the link and unknowingly granting access to a third party constitutes a Breach under HIPAA Rules.
The hack starts when a malicious user accesses WhatsApp via the website (www.whatsapp.com) to facilitate these changes. The user can also use custom automated software to do it for them.
This breach has allowed for countless social engineering attacks and currently WhatsApp has no way of tracking or stopping it before it happens again.
Read below to understand safeguards for your care organization...
FACT: There is a Ransomware attack every 40 seconds and health care is the most hacked industry in the world.
Now you can transmit ePHI files across a private double encrypted secure network and openly discuss patient information in text, email, voice, and file sharing in a BAA backed service managed by HIPAA experts.
The benefits go way beyond chat and file sharing as this platform was developed for battle field secure communications.
Yes, EverComm connects the chasm between EHRs and care organizations.