The fatal reach of medical devices
Take, for example, patients with pacemakers, a piece of technology that they rely on to keep their bodies functioning normally. After an extremely invasive procedure, followed by weeks of recovery, the patient begins to feel safe and well. However, with medical device security regulations as relaxed as they are, there may be more to worry about once the device has been implanted or the wearable set in action.
Knowledgeable hackers can produce attacks that have adverse effects on more than just CT scanners. These cybercriminals can reach more personal items such as insulin pumps for diabetics, pacemakers, and in some cases, life-monitoring machines. So with regulations so relaxed and technology moving faster than regulations can keep pace, what can the health care industry do? Former Vice President Dick Cheney took extra precautions with his pacemaker, assuring that it was protected from several security vulnerabilities.
Ad Statistics
Times Displayed: 56938
Times Visited: 1655 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
Be prepared by assuming an attack will happen
Beyond patching and adding additional security features in medical devices, organizations must have good visibility to see potential threats and have policies in place to ensure they limit risk. And while good policy is a necessary start, auditing and enforcement are also required to be effective. Health care providers and device companies alike must stay up to date on the latest security offerings. Auditing current solutions to see what can be improved is the best way to do that.
Organizations must live by a comprehensive set of strategies – assess the risk; put policies, management and monitoring in place; fix the issues; and repeat this process again and again. Keeping up-to-date on vulnerabilities and continuing to put adequate protections in place, whether mandated or not, is critical.
What’s more, it’s essential to be aware of the vulnerabilities in your organization. Look at every scenario and prepare for the worst.
Involve the patient
We are all accustomed to security threat training, from strong passwords to not opening suspect attachments, end users know they are the way in and often the last line of defense. This precautionary training, although not foolproof, should translate to patients with implants or wearables, especially if remotely connected to the hospital for monitoring and tracking. Patient awareness of potentially malicious activity and an appropriate contact for reporting suspicious behavior to their provider could help mitigate attacks before real damage is done.
