Medical Device Vendors: What Execs Need to Ask
Healthcare providers need to step up measures to protect health data as medical devices remain vulnerable to cyberattacks, according to tech experts.
“Ransomware attacks against medical devices are going to continue to grow like crazy in the coming months and years because most of the connected medical devices are not being secured properly,” said Mandeep Khera, chief marketing officer at Arxan Technologies, a cybersecurity vendor whose specialities include the Internet of Things in healthcare.
To enhance protection of sensitive patient information, Khera says hospitals executives – i.e., CIOs and CISOs – need to be asking these questions to medical device manufacturers: What types of security have you built into the device? Have you conducted penetration testing on it and what were the results? What is your process for distributing security updates and patches?
These are all questions to be answered ahead of a cyberattack or serious threat, he points out.
In addition, conducting security audits can help hospitals to determine the value of legacy systems and calculate the risk of keeping them against the cost of replacement. If securing an older medical device that still delivers value, for instance, will cost $500,000 but only reduce the risk by half, that can be hard to convince CFOs to sign-off on, explains Roy Wyman, partner at Nelson Mullins Riley & Scarborough in Nashville, Tennessee.
Patient education is also important, because most are not aware of security issues specific to medical devices.
“As we start to see more and more of these types of attacks, patients will get more savvy,” says Khera. “It will take some time. Famous patients like Dick Cheney know how to ask the right questions: ‘If there is no security behind this, I don’t want this to be connected with my pacemaker.’ Common users have no idea what questions to ask. Hospitals need to educate these patients so they know if they are secure or if there is a risk.”
While many medical device manufacturers have thus far missed the mark on security, most are now improving but it’s still up to hospital customers to keep their vendors accountable, Khera notes.
Source: Healthcare IT News
Image Credit: Pixabay
Published on : Mon, 12 Jun 2017
Print as PDF
WHAT YOU SEE IS WHAT YOU GET3D Advanced Visualization is at the core of TeraRecon DNA. We are extending our capability to the 3D printing world with a dedicated image processing workflow to enhance 3D printing outcomes. Printing your model is easier...
Our iNtuition iEMV viewer can display many types of images. It can even do some pretty amazingly advanced things. As a leader in advanced visualization, you can trust that TeraRecon can deliver impressive capabilities, but we strive to make it simple,...
Key FeaturesWe can provide an impressive range of clinical tools and deliver a remarkable clinical experience. On your PACS, off your PACS, within the surgical suite and beyond, iNtuition ensures your workflow is seamless and your imaging costs are minimized....
We can work across many PACS systems. No matter the size of your organization, iNtuition iReview can help you look across your imaging archives and create a unified interpretation view that’s made just for you. The configurable display protocols and user...