According to the Healthcare Information and Management Systems Society (HIMSS), “medical devices and systems represent a growing risk with respect to the security of the medical data they contain. Hospitals and similar healthcare organizations typically have 300% to 400% more medical equipment than IT devices and two trends are contributing to the increasing significance of this security risk:
- Medical devices and systems are being designed and operated as special purpose computers… more features are being automated, increasing amounts of medical data are being collected, analyzed and stored in these devices.
- There has been a rapidly growing integration and interconnection of disparate medical (and information) technology devices and systems where medical data is being increasing exchanged.
The U.S. Food and Drug Administration (FDA) echoes the comments from HIMSS saying, “medical devices, like other computer systems, can be vulnerable to security breaches, potentially impacting the safety and effectiveness of the device. This vulnerability increases as medical devices are increasingly connected to the internet, hospital networks and to other medical devices.”
The increased use of wireless technology and software in medical devices increases the risks of potential cybersecurity threats; at the same time, these features also improve the ability of healthcare providers to treat patients, resulting in improved healthcare. Ultimately, there is a growing need to protect patient safety while promoting the development of innovative technologies to protect these devices against cybercriminals.
