Cybersecurity Top Health Issue in 2016

We Are at War

Cybersecurity Top Health Issue in 2016

Medical Devices are Vulnerable to Hacking

Medicine and healthcare are in a cyberwar with hackers. Mobile devices and large health-care databases are the targets. The weapons are patience, smart technology, and algorithms. Cybersecurity is the only defense, and outsourcing cybersecurity companies working in the medical field are mushrooming.

The digital revolution birthed the cybersecurity industry (CSI), but data miners give it momentum and gravitas. CSI spending is expected to reach $1 trillion globally over the next five years, with a 12 percent to 15 percent year-over-year growth. Hacking personal, corporate, medical and government systems, and smart devices is omnipresent. POTUS emails were hacked. SONY suffered financial losses after ideological cyber-attacks, and the 2016 Democratic Party convention turned from ardor to fractious after hacked email releases.

They Can Kill You over the Internet

On October 4, 2016, Jim Finkle of Reuters revealed the first manufacturer warning in the nation to wireless insulin pump diabetics that their mobile device is vulnerable to hacking. Makers of pacemakers and defibrillators also expressed concerns about their vulnerability to cyber-attacks.

The Food and Drug Administration (FDA) issued warnings in 2015 about cyber bugs in infusion pumps from Hospira. On January 22, 2016, the FDA issued draft guidance measures for “Postmarket Management of Cybersecurity in Medical Devices.”

Here are several proactive measures companies can take:

* Be transparent in assessing and sharing device vulnerabilities

* Invest in cybersecurity research and development to disclose unknown vulnerabilities, and build firewalls for protection for device interoperability

* Employ data encryption to secure data transfer from patients to doctors

* Cybersecurity professionals need to design cybersecurity methods for connecting wearable devices and change default device passwords regularly

* Engage physicians and federal regulators as partners for ensuring patient safety

Johnson & Johnson is working with cybersecurity outsourcers to prevent hackers from interfering with the delivery of unauthorized insulin injections. For instance, Internet communications of the device are currently not encrypted or scrambled.

Hacking is difficult, and J&J believes there is a low risk, but the company suggests changes to the

 Cybersecurity Top Health Issue in 2016

Medical Devices are Vulnerable to Hacking

wireless asset of the device and limiting the maximum insulin dose.

Certify It Works; Certify It’s Safe

No patient wearing a mobile medical device has yet reportedly been harmed or killed by hacking of a mobile medical device. Yet no mobile medical device should be sold into the market until certified safe by a cybersecurity company.

Hackers are targeting the industry. They invade health-care and hospital databases. Eighty-five percent of medical practices and hospitals reported data breaches in 2014 costing millions of dollars in payments to hackers and cybersecurity specialists to repair breaches. One company allegedly paid a ransom for the return of breached files.

PwC, a private firm, expects $285 billion in devices will be Internet connected in the next four years. Security breaches are dangerous and costly, so medical device makers better partner with outsourcers to protect against their products’ vulnerability to hackers before the problems become unmanageable.

Dr. Goldmeier was a Research and Teaching Fellow at Harvard University, where he received his Doctorate in Education. He is a former consultant to the US Surgeon General on federally funded Maternal and Child Health programs. Currently, he teaches international university students and serves as a business analyst and development consultant for companies and nonprofit organizations. His new ebook on Amazon is Healthcare Insights: Better Care Better Business.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>