DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Pediatrics
Current Location:
> This Story

Log in or Register to rate this News Story
Forward Printable StoryPrint Comment




More IT Matters

The non-healthcare industry factors for better patient health 'Value-based care' starts outside the hospital

Improving efficiencies here and now with VR and 3D How one doctor with a passion for engineering aims to improve care

Pixel perfect – A new approach to annotation software Akshay Goel discusses cloud-based deep learning platform,

How AI can change radiology practice for the better A conversation with NYU Langone’s Dr. Michael Recht

Bringing a ‘hive mind’ approach to AI in radiology How Stanford Medical University and Unanimous AI are partnering to bring the human element to AI

See All IT Matters  

More Voices

Evaluating the cost-effectiveness of AEDs in the U.S. Insights from Dr. Lars W. Andersen on research he conducted and what it should mean for the future of public defibrillators

Rural hospitals are suffering The Jacobus Report

Q&A with Michael Darling, VP Supply Chain, St. Luke’s Health System Discussing the clinical integration of supply chain

Smart intelligence for trauma caregivers Insights from Pooja Rao, co-founder and R&D head for

How will tariffs impact healthcare? The Jacobus Report

Q & A with Robert Jensen, president and CEO of AAMI Find out what to expect at AAMI Exchange, the premier event for the HTM community

Scott Whyte

IT Matters – Preventing medical device hacks

From the March 2015 issue of DOTmed HealthCare Business News magazine
by Scott Whyte

Medical devices have unprecedented power to save lives. Yet, as promising as these devices are for medicine, they open up a whole new frontier for cybercrimes.

Story Continues Below Advertisement

New & Refurbished C-Arm Systems. Call 702.384.0085 Today!

KenQuest provides all major brands of surgical c-arms (new and refurbished) and carries a large inventory for purchase or rent. With over 20 years in the medical equipment business we can help you fulfill your equipment needs

Personal harm to a patient
While unlikely, the risk of severe physical harm to a patient, up to and including homicide, can be very real when medical devices are left unprotected. A widely-discussed Essentia Health study revealed that hospital equipment was shockingly vulnerable to hacking, including:

• Infusion pumps. These devices can be remotely accessed and manipulated to change dosages.
• Imaging equipment. Hackers can alter configuration files for radiography and CT machines to change the amount of radiation patients receive, or to manipulate results.
• Implantable cardiac defibrillators. Many defibrillators are Bluetooth-enabled, which gives someone intent on doing harm the opportunity to deliver inappropriate signals to a patient’s heart, or to stop a medically needed shock.
• Refrigeration units. Temperature settings can be deliberately reset in order to cause blood or drugs to spoil.

Medical device security risk
Some estimates say that protected health information is 10 times more valuable than credit card data. With data warehousing, siloed data from medical devices are now aggregated and more valuable. Add to that the fact that the 10 largest medical device companies worldwide have annual revenues of $10-20 billion, making them high-profile targets to cybercriminals.

Medical devices now feed information into electronic health records. If a hacker gains entry to the device, they can cause inaccurate information to be sent to the electronic records, causing clinicians to misdiagnose, administer improper care or prescribe the wrong medications, among other potentially fatal errors.

Damage continues, even after a security breach
Picture the fallout to a health care organization, medical device manufacturer or software company if a patient is harmed via a medical device hack. After considering the most important impact, which is the health of the patients, the aftermath could be near-catastrophic financially as well, with federal and state regulators stepping in to impose harsh fines. Providers can also count on plaintiffs’ attorneys presenting their demands. To prevent a breach, a comprehensive security, privacy and compliance plan needs to be in place.

Facilities should inventory all medical devices, perform a risk analysis (and make it a continuous process), identify administrative and operational weaknesses and document policies and procedures related to device procurement, implementation and maintenance. They should also identify physical and technological threats and work to mitigate them. It’s important to build a circle of trust and create corrective and proactive action plans that include a multi-layered approach to protecting data that addresses devices (both mobile and medical), physical storage network infrastructure, and application, server, data and user security.
  Pages: 1 - 2 >>


You Must Be Logged In To Post A Comment

Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Gold Service Dealer Program
Receive RFP/PS
Healthcare Providers
See all
HCP Tools
A Job
Parts Hunter +EasyPay
Get Parts
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to, Inc. Copyright ©2001-2019, Inc.