Connected medical devices promise value for patients and physicians, but the devices also present new cybersecurity exposures that could put patients and their information at risk. The ECRI Institute, known for evaluating medical device cybersecurity, has developed a list of 10 problems facing medical device cybersecurity.
These 10 key issues have the potential to be extremely problematic for managing medical devices.
Demand during the COVID-19 pandemic has left B2B healthcare industry manufacturers and distributors struggling to keep up. Subsequently, many organizations have discovered gaps in areas of their business such as ecommerce, site experience, product information management (PIM), and more.
Medical devices are no longer a stand-alone portion of the healthcare environment. Devices are becoming multi-connected on a vast network of computers and data warehouses. These networks present possible exposure to risk when being transmitted through multiple website and wireless components.
ECRI Institute embarked this journey of discovery to gauge medical device cybersecurity through a case study on infusion pump security capabilities.
10 Challenges Facing Medical Device Cybersecurity
- Inadequate Medical Device Software Inventory
- Impractical Medical Device Patch Installation
- Hard-to-Secure Legacy Devices
- Unsecure Medical Device Design
- Vulnerability Scanning Disrupting Medical Devices
- Medical Device Server Management
- Remote Server Access Control
- Vendor Reluctance to Share Information
- IT and Clinical Engineering Collaboration
- Cloud Services for Medical Devices
There are many issues facing cybersecurity in medical devices but the list above focuses on the 10 biggest problems a facility could possibly face. There is no “one size fits all” solution to cybersecurity. Medical device cybersecurity requires consistently on-going attention to remain productive and efficient.
One solution to address in the beginning, is that medical device cybersecurity is a collective obligation between producers, locations and the regulatory organizations. Medical devices connected via networks introduce an entirely new level of importance for patients and doctors, but they also acquaint with new cybersecurity exposures that could affect clinical procedures and put patient care at risk.