Press release

Redox Launches Public Bug Bounty Program With Bugcrowd to Help Keep Health Data Secure

0
Sponsored by Businesswire

Redox,
the company that is changing the way healthcare vendors and providers
share data, today announced the launch of a public bug
bounty program
with Bugcrowd to
help ensure the security of its customers’ health data. As one of the
first health IT companies to adopt a crowdsourced security approach,
Redox is offering monetary rewards to trusted hackers to identify
security vulnerabilities in its technology platform.

“The Redox healthcare integration platform is built on the promise that
organizations can securely and efficiently exchange data,” said Ben
Waugh, chief security officer, Redox. “Crowdsourced security is a
valuable part of our security strategy. Due to our highly segregated
environment we have been able to set up this bug bounty program
with Bugcrowd to do testing in a safe way, ensuring we are keeping
customer data safe, while also gaining contextual intelligence on
potential security vulnerabilities.”

Redox is at the forefront of a tsunami of digital health data
connectivity, providing a cloud network that simplifies how healthcare
organizations exchange data. With one connection to Redox, organizations
eliminate a fragmented, inconsistent mess of data formats and APIs that
slow digital transformation.

While APIs can improve value in healthcare, there are also legitimate
security issues with exchanging health data. The healthcare industry has
been a prime target for hackers as personal health information (PHI) is
among the most valuable commodities on the dark web. In addition, API
abuse is predicted to
be the single largest attack vector by 2022.

At the same time, industry regulations such as HIPAA can make adopting
new security practices like bug bounty programs more challenging. Redox
overcame this by building its platform so that different types of
accounts are isolated into their own infrastructure, so security
researchers can still do their testing in a meaningful way while
significantly reducing the risk of being exposed to PHI.

“We ran a private bug bounty program for the past year, which paid out
over $5,000 in bounties for around 30 low impact vulnerabilities,” Waugh
said. “Due to the program’s success, Redox is introducing the public
program earlier than expected and increasing the reward program to be
one of the most competitive in our industry.”

Under the public program, Redox will now pay up to $10,000 per critical
flaw, particularly those which are unique and demonstrate that the
researcher has spent the time to understand the Redox technology
platform to identify a vulnerability that could significantly impact
customers.

“As the healthcare industry continues to move into the digital age, each
new technology that provides value to patients, organizations, and
caregivers also brings with it unique cybersecurity risks,” said Ashish
Gupta, CEO at Bugcrowd. “Through our crowdsourced security
approach, Bugcrowd gives healthcare IT teams more time to focus efforts
on big picture compliance and protection strategies. We’re thrilled to
be working with Redox, extending the power of their security team and
paving the way for other health IT companies to adopt next-generation
security testing practices.”

For more information on the bug bounty program and how healthcare
technology companies can adopt them safely, join Ben Waugh, Redox CSO,
and David Baker, Bugcrowd CSO, in a live webinar titled, “Building an
Effective Crowdsourced Security Program in Healthcare,” on July 11 at 11
a.m. PT/ 2 p.m. ET Register here: https://ww2.bugcrowd.com/resources-webinar-building-an-effective-crowdsourced-security-program-in-healthcare.html.

About Redox

Redox accelerates the development and distribution of healthcare
software solutions with a full-service integration platform to securely
and efficiently exchange data. Healthcare delivery organizations and
technology vendors connect once and authorize the data they send and
receive across the most extensive interoperable network in healthcare.
Redox exists to make healthcare data useful and every patient experience
a little bit better. Learn how you can leverage the Redox platform at www.redoxengine.com.