Hi, I am running a professional commercial practice information system, based on firebird in Germany. The system is certified by the german health agencies.
Problem? The firebird account name and pasword are NOT changed. The government is rolling out a patient chip card with the possibility to exchange the basic patients data with their social security health assurance agency by WAN. Is there a possibility for them to get access to (other) patient files (so the complete database) through a backdoor, e.g. via the admin account? Is there another way? Is it a security risk not changing the account name and pw? I am not paranoia, just concerned about my business and even more the medical confidentiality. Thank you for your help and best regards, Marc
