Medical Design and Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • Med Tech Resources
    • Subscribe to Print Magazine
    • DeviceTalks Tuesdays
    • Digital Editions
    • eBooks
    • Manufacturer Search
    • Medical Device Handbook
    • MedTech 100 Index
    • Podcasts
    • Print Subscription
    • The Big 100
    • Webinars / Digital Events
    • Whitepapers
    • Video
  • 2022 Leadership in MedTech
    • 2022 Leadership Voting!
    • 2021 Winners
    • 2020 Winners
  • Women in Medtech

Evolving Technologies Pose Challenge for Medical Device Security

December 13, 2016 By Vanderbilt University Research

It is the ultimate invasion of privacy: An unscrupulous hacker gains access to a network of interconnected medical devices and then, with a few quick keystrokes, remotely delivers a fatal electric shock to some unsuspecting victim’s pacemaker. This may sound like the plot of a spy novel, but such a scenario, at least from a technological standpoint, is not out of the realm of possibility.

As today’s health care industry relies increasingly on devices and systems that collect and share data between one another, cybersecurity breaches have become a troubling new reality. In fact, just last month, two device manufacturers—St. Jude Medical and Johnson & Johnson—issued separate warnings that their respective cardiac implants and insulin pumps were vulnerable to hackers.

While other industries, like the financial sector, have made cybersecurity a priority for 20 years or more, health care has been relatively late to the game and is now behind the curve in addressing such threats, according to M. Eric Johnson, dean of Vanderbilt Owen Graduate School of Management and Bruce D. Henderson Professor of Management.

(Credit: Pixabay)

“Health care is behind for several reasons,” he said. “It’s a very fragmented industry—you have countless clinical operations, and many of them are quite small and don’t invest in information security. And then at the other end of the spectrum, there are these hospitals that are, in effect, high-tech islands. They have these amazing surgical robots and other technology, but only in the last five years has there been a push to build a more integrated IT backbone with security.”

Johnson, who studies information technology’s impact on the extended enterprise, has co-written a new article examining the chronology of medical device security. Published in the October 2016 issue of Communications of the ACM, “A Brief Chronology of Medical Device Security” is the result of an interdisciplinary project, known as Trustworthy Health and Wellness (THaW), which is funded by the National Science Foundation. A.J. Burns, assistant professor of computer science at the University of Texas–Tyler, and Peter Honeyman, research professor of computer science and engineering at the University of Michigan–Ann Arbor, collaborated on the article.

“We’re now seeing medical device security in the news regularly,” Johnson said. “What my colleagues and I wondered was: How did it get to this point? And what are the policy issues that have been governing it over that time?”

In the article Johnson and his co-authors identify four major inflection points that span the evolution of medical devices and their security: (1) “Complex Systems and Accidental Failures” (1980s–present), (2) “Implantable Medical Devices” (2000–present), (3) “Unauthorized Parties and Medical Devices” (2006–present), and (4) “Cybersecurity of Medical Devices” (2012–present). The authors also lay out a timeline of important legislation aimed at regulating and/or enhancing security and privacy in the health sector. In the end, they arrive at several conclusions:

  • The future of medical device security will be defined by the steps that the health sector takes today.
  • Security trade-offs characterize the design and deployment of medical devices.
  • Discussions of cybersecurity and medical devices often are distorted by misinformation and frightening language.

With regard to the latter, the authors wrote, “We must resist the temptation to sensationalize the issues related to cybersecurity in the health sector, and instead apply sober, rational, systematic approaches to understanding and mitigating security risks.”

What then should be the appropriate course of action for health care professionals and their patients? Is there one risk they should be concerned about above all others? Johnson and his co-authors offer a clear answer in that regard.

“It is safe to say that patients’ reluctance to accept medically indicated devices due to concerns about security poses a greater threat to their health than any threat stemming from medical device security,” they wrote.

In other words, the biggest danger to patients’ health is not the security threats themselves but rather the irrational decisions that might result from these perceived threats. While users of medical devices may be vulnerable to hackers in theory, there is not enough of a risk, according to the authors, to discourage use of the devices altogether. A hijacked pacemaker makes for an interesting plot twist in a novel, but it is not very likely to happen in real life.

“Unless you’re the president of some country,” Johnson said, “or someone with a lot of enemies, I wouldn’t worry about being personally targeted.”

Related Articles Read More >

Prix Galien USA 2022 nominees
The 24 best medical device innovations of 2022
BinaxNow COVID-19 Ag Card
FDA issues new COVID-19 testing guidance to avoid false negatives
A lateral flow assay test for measuring COVID-19 immunity
COVID-19 immunity test developers at MIT seek diagnostic manufacturer
GE Healthcare image illustrating contrast media uses
GE Healthcare picks AI imaging startups for inaugural Edison Accelerator

DeviceTalks Weekly.

August 12, 2022
DTW – Medtronic’s Mauri brings years of patient care to top clinical, regulatory, scientific post
See More >

MDO Digital Edition

Digital Edition

Subscribe to Medical Design & Outsourcing. Bookmark, share and interact with the leading medical design engineering magazine today.

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.
DeviceTalks

DeviceTalks is a conversation among medical technology leaders. It's events, podcasts, webinars and one-on-one exchanges of ideas & insights.

DeviceTalks

New MedTech Resource

Medical Tubing

Enewsletter Subscriptions

Enewsletter Subscriptions

MassDevice

Mass Device

The Medical Device Business Journal. MassDevice is the leading medical device news business journal telling the stories of the devices that save lives.

Visit Website
MDO ad
Medical Design and Outsourcing
  • MassDevice
  • DeviceTalks
  • MedTech100 Index
  • Medical Tubing + Extrusion
  • Medical Design Sourcing
  • Drug Delivery Business News
  • Drug Discovery & Development
  • Pharmaceutical Processing World
  • R&D World
  • About Us/Contact
  • Advertise With Us
  • Subscribe to Print Magazine
  • Subscribe to E-newsletter
  • Attend our Monthly Webinars
  • Listen to our Weekly Podcasts
  • Join our DeviceTalks Tuesdays Discussion

Copyright © 2022 WTWH Media, LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media LLC. Site Map | Privacy Policy | RSS

Search Medical Design & Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • Med Tech Resources
    • Subscribe to Print Magazine
    • DeviceTalks Tuesdays
    • Digital Editions
    • eBooks
    • Manufacturer Search
    • Medical Device Handbook
    • MedTech 100 Index
    • Podcasts
    • Print Subscription
    • The Big 100
    • Webinars / Digital Events
    • Whitepapers
    • Video
  • 2022 Leadership in MedTech
    • 2022 Leadership Voting!
    • 2021 Winners
    • 2020 Winners
  • Women in Medtech