BAC Medical Marketing
  • Home
  • Who we are ▷
    • Mission statement
    • Meet the team
    • We attract new patients
    • More for less
  • What we do ▷
    • Services offered
    • IdentityFind
    • MEDShield
    • Project samples
  • How we work ▷
    • Workflow process
    • BACMM affiliate program
    • Clients
    • Glossary
  • Why we're different ▷
    • Search engine optimization
    • Case studies
    • Letter from the President
    • Spotlighted products
  • When we're needed ▷
    • Consultancy compensation
    • Marketing tips
    • BACMM Blog
    • FAQs
  • Contact ▷
    • News you can use
    • Testimonials
    • Online resources
    • Jobs at BACMM
Call Today: 800.240.9473

a new risk: hacked personal medical devices

6/9/2017

0 Comments

 
We have entered an era of insecurity in healthcare in America. While major attention is being paid to healthcare insurance and service insecurity, food insecurity and financial insecurity, there’s another one to add to this list: medical device security.

As more medical devices have moved into the digital internet-connected mode, the risk for malware, ransomware, and overall hack-ability grows. This increasing and challenging risk is covered in the report, Medical Device Security: An Industry Under Attack and Unprepared to Defend from Ponemon Institute.

Ponemon Institute has been tracking information security across industries, including healthcare, for several years. In this survey, sponsored by Synopsys, Ponemon focuses in on healthcare polling managers who work in medical device manufacturers and healthcare delivery organizations (HDOs in this report). Surveying these two groups provides insights into their alignment on the issue of medical device security. Importantly, it’s a lack of alignment and, of concern, cohesive strategy, that’s discovered.

The first chart clearly shows that most people working in device makers and HDOs expect an attack on at least one medical device in the next 12 months. But only 17% of device makers, and 15% of HDOs say they’re taking “significant steps” to prevent an attack.

This is a weak response when 40% of healthcare providers say they — and their patients — have had a security incident with a medical device, and 31% of device makers are aware of such incidents.

What would motivate these organizations to spend more resources for securing medical devices? The second chart answers that question: a serious hacking incident first would influence both makers and providers to allocate more resources for med device security. A second driver would be regulations, especially motivational to healthcare providers. (THINK: HIPAA and HITECH incentives for EHR adoption, for example).

In the meantime, until such a major hacking incident might happen, it appears that med device makers and healthcare organizations are largely muddling through the security challenge without holistic prevention and mitigation strategies. More healthcare providers sound confident in their ability to detect security vulnerabilities than are the makers of these devices; and, fewer (25%) of makers are confident in security protocols and architectures that are baked into the devices to protect patients than are healthcare providers (38%).

A main contributor to med device security risks is vulnerable code within the device. The reasons devices contain vulnerable code, the survey respondents believe, is a lack of quality assurance and testing procedures, a rush to release the product which pressures the product teams, accidental coding errors, among other egregious practices and policies.

Among the starkest and sobering findings in this study is the one illustrated by the third chart: that only 41% of device makers feel empowered to raise concerns about the security of medical devices in their companies. Most, but not nearly the vast majority, of healthcare providers do.

The accountability for the security of medical devices is unclear in many organizations. For one-third of both makers and providers, no one person is primarily responsible for medical device security, Ponemon learned. In 41% of provider organizations, the user of the medical device is responsible for security — say a surgeon or a doctor.

Health Populi’s Hot Points: In light of the growing risk for medical device security, the ECRI Institute published recommendations for protecting these systems as the Ponemon Institute/Synopsys report went to print this month. The recent WannaCry ransomware attack disrupted hospitals in the UK’s National Health Service systems, along with many organizations outside of healthcare. For the NHS, impacts included appointment cancellations, postponement of surgeries, and emergency vehicle disruptions.

Carbon Black, a security consultancy, conducted a consumer survey following the WannaCry incident, summarizing the poll results in their report, Ransom-Aware. Over half of consumers first learned about ransomware due to the WannaCry event. Among the 5,000 U.S. consumers analyzed by Carbon Black, 7 in 10 people said they’d consider leaving their healthcare provider if hit by ransomware. This survey also found that far more consumers (42%) said their most important information was financial data, and only 5% of consumers said the most important data was their medical records — the same percent saying phone data like messages and contacts was most important.

As healthcare providers and patients adopt more digital technologies to wear and live with at home and on-the-go, via wearables and robots and implanted sensors, these risks will hit closer to home. And home is where many of us envision as the new-and-improved medical home. But there’s no “improved” here without baking in sober, sound, and holistically-planned security for patients and providers. Without a sound risk management approach to security in medical devices, the promise of the Internet of Healthy Things for peoples’ well-being will be at risk itself.
0 Comments



Leave a Reply.

    Author

    Bruce A. Cadkin, MBA President                          BAC Medical Marketing

    Archives

    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012
    February 2012
    January 2012
    December 2011
    November 2011
    October 2011
    September 2011
    August 2011
    July 2011
    June 2011
    May 2011
    April 2011
    March 2011
    February 2011
    January 2011
    December 2010
    November 2010
    October 2010
    September 2010
    August 2010
    July 2010
    June 2010
    May 2010
    April 2010
    March 2010
    February 2010
    January 2010
    December 2009
    November 2009
    October 2009
    September 2009
    August 2009
    July 2009
    June 2009
    May 2009

    Categories

    All
    Advertising
    Affiliate Marketing
    Affiliate Program
    Anna Deavere Smith
    Avoiding Malpractice Suits
    Best Practices
    Blogs
    Branding
    Cash Only Medical Practice
    Concierge Medical Practice
    Crisalix Estetix
    Customer Service
    Defensive Medicine
    Dental Practice Marketing
    Developing Physician Leaders
    Electronic Medical Records
    Emwave Products
    Expert Panels
    Facts And Figures
    Gene Smart Wellness
    Going Dutch
    Gum Disease
    Healthcare Reform
    Heartmath
    Holiday Poems
    Ingenio Expert Advice
    Internet Marketing
    In The News
    Let Me Down Easy
    Liveperson Expert Advice
    Managing By The Numbers
    Marketing Momentum
    Marketing Strategies
    Martin Luther King
    Medical Marketing
    Medical Tourism
    Meta Tags
    Mobile Marketing
    Money Driven Medicine
    Most Influential Physicians
    Omega 3 Index
    Online Reviews
    Patient Advocate
    Patrick Soon-Shiong
    Physicians At Funerals
    Practice Advertising
    Prayer Over Treatment
    Pro Football Head Trauma
    Psychographics
    Public Relations
    Referral Marketing
    Search Engine Optimization
    Social Media Marketing
    Solution To Medicare
    Staff Training Programs
    Steve Jobs
    The Art Of Apology
    Top Medical
    Web Site Design
    Web Site Marketing

    Bookmark and Share

    RSS Feed

    Picture

    I'm an expert on Maven!

    Consult with me on Maven



    Zintro Expert
    zintro.com/expert/Marketing-Maven

    Ingenio Expert

    Picture
    Liveperson Expert

    Reuters Insight Expert

    Which of the following changes in your practice most accurately reflect your goal? (Check all that apply) I would like to...
     
    pollcode.com free polls
    YouTube
    Twitter
    Code Of Ethics
    Medical Blog Award
    Picture
    Picture
    Picture
    Picture
    Picture
    Picture
    Picture
    Picture
    Picture
    Dosie Award
    Weblog Award
    AlleyDog Award
    Best Blog Contest Award
    Blogtrepreneur Award
    Top 100 Blog Award
    Blogger's Choice Award
    Blogger's Choice Award
    Blog Advertising - Advertise on blogs with SponsoredReviews.com
Privacy Policy & Cookies Policy -- Terms & Conditions of Use -- Site Map 
                
      BAC Medical Marketing, BACMM and BAC / BACMM logos are trademarks of BAC Medical Marketing.


           © Copyright 2005 - 2019 BAC Medical Marketing. All rights reserved.


Picture

Protected by Copyscape Duplicate Content Detector
Website designed by Black Mamba