Privacy & Security

Tips to tackle the biggest cyber challenge hospitals face: medical device security

Experts from a leading nonprofit ranked device cybersecurity as the single biggest challenge hospital face today.
By Bernie Monegain
February 08, 2018
11:40 AM

The ECRI Institute put managing medical device cybersecurity threats at numero uno on its 2018 list of top 10 challenges facing healthcare. 

When dealing with medical device cybersecurity, ECRI’s focus has been largely making sure it provides practical guidance for its member hospitals, Leinonen said.

“We really need to make sure that there are appropriate resources for the healthcare facility to tackle medical device cybersecurity,” ECRI project engineer Juuso Leinonen said. As he sees it, a practical path to reach organizations’ security goals to improve their “security posture” is critical.

When asked what actions health systems could take now to boost medical device security, he didn’t have to think about it.

“Have an appropriate inventory of your medical devices,” he said. “It’s nearly impossible to effectively patch and protect medical devices without this kind of information.”

When buying medical devices, he cautioned hospital executives to make sure they are buying them with the security they need.

That’s not easy.

“At a healthcare facility, you’re looking at having thousands of devices from hundreds of manufacturers,” Leinonen said. “Each one of those could potentially have their own security requirement, which makes it almost a nightmare to manage.”

Leinonen said it is important to recognize that cybersecurity is not just an IT problem. From IT, clinical, engineering, risk management, purchasing to the front-end clinicians, just about every department is touched by security gaps.

Technology can help, but Leinonen warned, “you can’t solely focus on technology.”

When breaches occur, often there is a human component – people clicking on this or that – and recovery from an attack like that can be rough.

His best advice? Conduct an inventory of medical devices as well as the related software and incorporate security considerations as a formal part of the purchasing process

“Recognize that this is not just an IT problem,” he said. “All different individuals within an organization really should play a role in managing overall risk.”

Leinonen will be speaking in the session, “10 Challenges in Managing Medical Device Cybersecurity,” at 11:30 a.m. March 7 in the Venetian, Marcello 4401.

HIMSS18 Preview

An inside look at the innovation, education, technology, networking and key events at the HIMSS18 global conference in Las Vegas.

Twitter: @Bernie_HITN
Email the writer: bernie.monegain@himssmedia.com

Topics: 
HIMSS18, Medical Devices, Privacy & Security

More regional news

View of Mount Sinai Health System buildings in Manhattan

Mount Sinai Health announces new Center for AI and Human Health

By
Andrea Fox
November 25, 2024
Clinician stands, working with a tablet

Yale study shows how AI bias worsens healthcare disparities

By
Mike Miliard
November 25, 2024
A person checking their smartwatch-tracked fitness data on their smartphone.

Singapore tackling chronic diseases with wearables

By
Adam Ang
November 25, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Clinician stands, working with a tablet
Yale study shows how AI bias worsens healthcare disparities

Most Read

CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM
Sens. Warner & Wyden seek healthcare cybersecurity mandates in new bill
Epic calls on Carequality to release Particle dispute resolution
VP candidates' EHRs may have been improperly accessed by VA employees
Healthcare workforces need to prep for deep fakes and AI-enabled cyberattacks

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Paul Wilder at CommonWell Health Alliance_Part 1_Digital binary code with springing lock Photo by JuSun/iStock/Getty Images Plus
Notching up FHIR at scale - Part 1
David Miles at Oklahoma Heart Hospital_Part 2_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
Switching from Cerner to Epic? Meet a CIO who made it out alive
David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care

More Stories

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
David Miles of Oklahoma Heart Hospital
Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm
Healthcare workers looking at X-ray images on monitors
Streamlining healthcare operations with multicloud-by-design
Nurses review a patient record on a digital tablet
All private hospitals in Singapore to connect to...
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Mehmet Oz
Trump picks Dr. Mehmet Oz to head CMS
Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock
OIG again deems HHS' infosec program ineffective
Joanna Lucas, RN, of St. Luke's University Health Network
Case and referral management technology gets big results for St. Luke's