Cybersecurity for medical devices: what does the future hold?

Manufacturers of medical devices and organizations operating in the healthcare industry are working more and more closely to improve and strengthen cybersecurity

Written Thursday, by Emanuele Mortarotti

Manufacturers of medical devices and organizations operating in the healthcare industry are working more and more closely to improve and strengthen cybersecurity. But are they really doing enough? Let’s discuss the problem in greater detail with the support of an interesting article published at medicaldesignandoutsourcing.com.

No one in the medical technology field doubts the importance of stemming cyberattacks. Strengthening security is an argument in its own right – a subject thanks to which many manufacturers are joining and starting up important collaborations.

One solution might be: healthcare operators and other customers that buy medical devices connected to Internet should have access to a list that contains all the software, the open-sources and all the commercial partners.

For medical device manufacturers, it is important to know how patients and medical operators use medical technologies, so as to customize devices according to user experience and also to adapt basic security controls.

The Food & Drug Administration, the United States agency in charge of regulating food and pharmaceutical products, has recently paid increasingly more attention to cybersecurity and the challenges that it poses to both companies as well as governments. The FDA published cybersecurity guidance in 2014 and postmarket guidance in 2016. The American agency bases its guidance on three principles: trustworthiness, transparency and resilience to hacking.

 

Various cyberattacks have turned the medical technology world upside down. In 2016, the Hollywood Presbyterian Medical Center was forced to pay $17,000 in bitcoin to a hacker who had taken control of the hospital’s computer systems blocking access to patient medical records. In 2017, the Wannacry attack created many problems for several hospitals in the U.S. and Great Britain, sidestepping security and entering the systems of medical devices made by Bayer, Siemens and others.

Many clinics, small and medium-sized hospitals have no security system to defend the sensitive data of patients against cyberattacks: it’s a problem that needs to be resolved, which many underestimate or pretend not to see.

Updating old medical devices with new technologies is much more complicated than it seems. In other words, these are trying times for manufacturers and users who must adapt to change as quickly as possible.

 

What do you think of this article? Have your say by contacting Dispotech, your disposable excellence.

Emanuele Mortarotti
Author Emanuele Mortarotti

Manager

write a comment