Medical Design and Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Supplies and Components Index
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • MedTech Resources
    • Medtech Events in 2025
    • The 2024 Medtech Big 100
    • Medical Device Handbook
    • MedTech 100 Index
    • Subscribe to Print Magazine
    • DeviceTalks
    • Digital Editions
    • eBooks
    • Educational Assets
    • Manufacturer Search
    • Podcasts
    • Print Subscription
    • Webinars / Digital Events
    • Whitepapers
    • Voices
    • Views
    • Video
  • 2025 Leadership
    • 2024 Winners
    • 2023 Winners
    • 2022 Winners
    • 2021 Winners
  • Women in Medtech
  • Advertise
  • Subscribe

Cybersecurity is key for labs as hackers attack hospitals

December 6, 2016 By Danielle Kirsh

The persistence of cyberattacks on hospital networks and labs can be prevented by being aware of cybersecurity best practices.

The persistence of cyberattacks on hospital networks and labs can be prevented by being aware of cybersecurity best practices.

The persistence of cyberattacks on hospital networks now makes healthcare the most frequently attacked industry, beating out the financial and retail sectors and costing the industry $5 billion to $6 billion annually. However, laboratories can fend off cybersecurity threats by being aware of best practices, taking steps to protect data and having back-up plans in place.

According to the U.S. Health & Human Services Dept.’s Office of Civil Rights, more than 113 million heath records were compromised in 2015. Hackers breached the personal information of tens of millions of customers of Anthem and Premera Blue Cross health insurers, among others.

In early 2016, hackers infected the networks of a handful of hospitals and broader health systems across the country with ransomware, malicious programs that hold patient records hostage and enable the hackers to demand a ransom to return them.

“We have all the best data that the bad guys want because we collect so much information about patients,” explained David Finn, healthcare IT officer for cybersecurity company Symantec. “Their demographic information alone would be good enough to start doing some bad things, but then you add data like credit card numbers, insurance account numbers and Social Security numbers…”

Hackers use out-of-date instruments as holes in the system to penetrate hospital networks by infecting medical devices with their malware and ransomware.

“Healthcare hasn’t been as robust in its security as other industries. As a result, we are now seeing hacks and threats aimed at healthcare that you might not see in the financial sector or credit card industry,” said Marti Arvin, VP of audit strategy at CynergisTek, a healthcare security consulting firm.

Labs – such as cardiology centers, nursing stations and pharmacies – often have their own record systems, devices and IT support that operate independently from the broader hospital or healthcare system. That poses a particular risk because it presents a weak spot for hackers to access. Those devices might not receive the same attention from IT professionals than main systems.

“In 2015, we saw an awful lot of cardiology intervention centers and catheterization labs get shut down because of malware. The year before, we saw the medication cabinets in nursing areas get infected,” said Finn.

David Robb, manager of laboratory information systems at Sutter Health in Palo Alto, Calif., said, “We have the whole range of threats that other industries have, but we have other challenges as well. Lab instruments have all sorts of vulnerabilities, often because of the fact that they’re not always kept up to date the way the main system is.”

Laboratories can protect sensitive information by soliciting the help of outside experts. Arvin and CEO Mac McMillan at CynergisTek recommend hiring consultants to take a look at security, even if the lab feels like they are on top of everything.

“You often miss things in house because you’re so familiar with the environment,” said Arvin. “And beyond that, when leadership hears something from the outside, they tend to take it more seriously.”

Laboratory leaders should also ensure that all staff participate in cyber breach preparation drills.

“Labs have to be involved in planning. It can’t just be an IT thing where they’re doing drills in a closet somewhere. Laboratory staff have to understand what the procedures are and how to prepare for any downtime,” said Robb.

The CDC released a discussion guide for healthcare cybersecurity that includes a number of drills and scenarios to help get organized that can be found at cdc.gov.

About The Author

Danielle Kirsh

Danielle Kirsh is an award-winning journalist and senior editor for Medical Design & Outsourcing, MassDevice, and Medical Tubing + Extrusion, and the founder of Women in Medtech and lead editor for Big 100. She received her bachelor's degree in broadcast journalism and mass communication from Norfolk State University and is pursuing her master's in global strategic communications at the University of Florida. You can connect with her on Twitter and LinkedIn, or email her at dkirsh@wtwhmedia.com.

Related Articles Read More >

This is a screenshot of the remote robotic surgery technical guidelines appearing in the World Journal of Surgery.
New technical guidelines set to advance remote robotic surgery
An image of an infusion pump.
Cybersecurity report flags device vulnerabilities and user needs
3 surprising cybersecurity risks in medical device software
Johnson & Johnson discloses executive pay and new security measures
“mdo
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest medical device business news, application and technology trends.

DeviceTalks Weekly

See More >

MDO Digital Edition

Digital Edition

Subscribe to Medical Design & Outsourcing. Bookmark, share and interact with the leading medical design engineering magazine today.

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.
DeviceTalks

DeviceTalks is a conversation among medical technology leaders. It's events, podcasts, webinars and one-on-one exchanges of ideas & insights.

DeviceTalks

New MedTech Resource

Medical Tubing

MassDevice

Mass Device

The Medical Device Business Journal. MassDevice is the leading medical device news business journal telling the stories of the devices that save lives.

Visit Website
MDO ad
Medical Design and Outsourcing
  • MassDevice
  • DeviceTalks
  • MedTech100 Index
  • Medical Tubing + Extrusion
  • Medical Design Sourcing
  • Drug Delivery Business News
  • Drug Discovery & Development
  • Pharmaceutical Processing World
  • R&D World
  • About Us/Contact
  • Advertise With Us
  • Subscribe to Print Magazine
  • Subscribe to our E-Newsletter
  • Listen to our Weekly Podcasts
  • Join our DeviceTalks Tuesdays Discussion

Copyright © 2025 WTWH Media, LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media LLC. Site Map | Privacy Policy | RSS

Search Medical Design & Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Supplies and Components Index
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • MedTech Resources
    • Medtech Events in 2025
    • The 2024 Medtech Big 100
    • Medical Device Handbook
    • MedTech 100 Index
    • Subscribe to Print Magazine
    • DeviceTalks
    • Digital Editions
    • eBooks
    • Educational Assets
    • Manufacturer Search
    • Podcasts
    • Print Subscription
    • Webinars / Digital Events
    • Whitepapers
    • Voices
    • Views
    • Video
  • 2025 Leadership
    • 2024 Winners
    • 2023 Winners
    • 2022 Winners
    • 2021 Winners
  • Women in Medtech
  • Advertise
  • Subscribe