Covid-19 Counts Plagued by Computer Malpractice
It’s no secret that information technology and medicine have become inseparable. Hardware, software, and data must not only work in unison but undergo routine updating and maintenance by qualified IT engineers. Failure to do so can have grave consequences, as highlighted by the discovery of the COVID-19 undercount earlier this month in California.
The BleepingComputer.com headline read, “Expired certificate led to an undercount of COVID-19 results.” In the computer realm, a certificate is nothing more than a digital identifier used by one system to tell another that the data it’s sending is from a legitimate source. As with almost all IDs, certificates expire, and if not renewed, the affected system cannot send or receive data.
That’s indeed what happened in California’s state health department. A computer system named “CalREDIE” suffered from an expired certificate and, therefore, could not receive lab result data from Quest.
According to Lawrence Abrams of BleepingComputer.com, “As these certificates are installed by server administrators once every two years and do not require any upkeep, it could lead to certificates being forgotten about and expiring. This lack of attention can lead to outages, such as what we saw with Facebook’s Tor server, Microsoft Teams, and IoT devices.”
Preventable technological issues have contributed to exaggerated COVID-19 counts as well, which has created broad skepticism and lack of trust regarding various pandemic data put out by government agencies.
So, “what does this have to do with me,” you ask? Take a moment to answer the following questions about your company’s IT system or your personal digital life:
1) Have you or your organization created a list of all of your digital assets, including document storage locations, computers, IoT devices, cloud services, software licensing and subscriptions, and their associated expiration dates?
2) Are your or your IT personnel performing maintenance or at least checking the list from item #1 on a regular interval to ensure they are locked down security-wise? 3) Are you using a tracking system to record your assets and a calendar to remind you of renewals at the time you purchase or install an asset such as hardware or software?
If the answer is “no” to any of the above, you may be heading for an unpleasant surprise. Keep in mind that nobody executes all three items perfectly. The key is to get started and revise your process as you go. You’ll be glad you did!
Until next time, be well, and keep in touch.