Will Innovation Drive Cyber Attacks in Healthcare

by | Oct 20, 2017 | Medical Devices

Hacking of the Healthcare Industry

Medical devices are creating new vulnerabilities in the healthcare industry that put patient care and personal data at risk. In recent years, the healthcare industry has been hacked more frequently than the financial sector due to the lack of attention to cyber security risk.

Hackers take advantage of inadequate security on medical devices to not only control the device itself, but also as an entry point to access larger hospital networks. Once compromised, hackers can hold patient data or services ransom until a hospital pays the extortion fee. Given the life or death stakes of having access to all the necessary tools for patient care, this tends to be a fruitful target for hackers looking for a quick payment in exchange for handing back data.

In addition to holding data and services ransom, hackers can also access patient data to perpetrate identity theft for financial fraud, or to fill prescriptions and sell them on the dark web. Cyber security in the healthcare sector is an issue that needs to be addressed to ensure the safety of patients’ data and access to quality care.

Innovation at the Risk of Cyber Security

We previously wrote about the FDA’s partnership with major tech companies to create a fast-track program to regulate medical devices. The aim of this system is to allow the pace of innovation to keep up with the potential of the technology and demand of consumers. The potential to manage chronic illnesses, collect meaningful data to inform care, and facilitate real-time communication of health information will advance the quality of patient care, but will the pace of innovation out run the attention to cyber security risk?

In the U.S., each hospital bed contains 10 to 15 connected medical devices and each device represents a potential vulnerability to cyber security. These devices are easily discoverable, and while each device is not necessarily vulnerable, the sheer volume and accessibility makes finding an entry point an inevitability for hackers. The diversity of devices and the lack of attention to security checks both by the device manufacturers and the hospitals’ networks create a real security threat. Creating a fast-track to bring medical devices to market by pre-approving companies will exponentially increase risk, if a holistic attention to cyber security is not taken into proper consideration.

Clarity on Regulation

The FDA has been warning the healthcare industry for years about the vulnerability of medical devices to cyberattacks, but these warnings have largely been without consequences. It’s clear that the FDA will be advancing the expectations of cyber security in medical devices, but standardization and clarity is needed.

New legislation from two lawmakers aims to layout a framework to address these issues. U.S. Representatives Dave Trott and Susan Brooks introduced the Internet of Medical Things Resilience Partnership Act to collect and centralize all existing cyber security standards, guidelines, and best practices. The committee will identify gaps and problems, and define actionable solutions and a framework for the IoMT (Internet of Medical Things) developers as a reference. This collaborative approach to securing the already vulnerable landscape of technology in the healthcare industry is a much-needed protection, particularly with the impending expansion of medical devices.

Emma International

Emma International

More Resources

Change Management And Control

Change Management And Control

One of the biggest and most important aspects of quality management is a system to monitor changes and how they impact the product. Change management is an approach for changing processes or products in a way which adheres to regulatory standards by ensuring stability and consistency throughout processes. It applies across all changes within a process and throughout an entire products life cycle.
Aseptic Technique and Gowning

Aseptic Technique and Gowning

One of the most common techniques to prevent contamination of products and reduce quality impacts in the pharmaceutical industry is called aseptic gowning. Humans are the biggest sources of microbial contamination in cleanroom environments and therefore proper gowning procedures are essential to ensuring product quality. Proper training, education, hygiene, qualification, and authorization must be put in place and be required for entry to all clean room environments...
Importance of Pharmaceutical GMP

Importance of Pharmaceutical GMP

Having high quality standards is vital to any organization but is even more essential in the pharmaceutical industry. Practices that are governed by these standards are commonly called Good Manufacturing Practices (GMP) and ensure consistent and controlled production of products. These practices govern all aspects and procedures within production and provide documented proof that procedures are consistently followed during the manufacturing processes every time products are made. They are designed to minimize risks throughout the manufacturing process that are not able to be eliminated in final product testing so that pharmaceuticals are safe for use...

Ready to learn more about working with us?

Pin It on Pinterest

Share This