Cybersecurity is one of the biggest issues in the digital age. The healthcare industry isn’t isolated from it. In fact, recent data from the FBI revealed that 25% of ransomware attacks were aimed at the healthcare industry. Such cybersecurity breaches can lead to seriously adverse outcomes for patients, including the theft of sensitive data.
As diagnostic devices become smarter and enter non-clinical spaces (e.g., patients’ homes, mobile devices), it’s important to ensure that cybersecurity threats are minimized as much as possible. CorDx is aware of the evolving use-cases of diagnostic technology and actively considers the data security implications in advance of designing any diagnostic.
A 2022 survey of IT and IT security experts in healthcare organizations reported that 89% of surveyed organizations had experienced at least one cyberattack in the past 12 months. The experts surveyed suggested that vulnerabilities such as unprotected devices connected to the “healthcare internet of things” (or the “internet of medical things”) were major contributors to ransomware attacks.
Regulatory Requirements for Cybersecurity in Medical Devices
Regulatory bodies have issued new guidelines for medical and diagnostic device manufacturers in response to ransomware and other cyberattacks targeting healthcare organizations. The US Food and Drug Administration (FDA), the European Commission, the Australian Therapeutic Goods Administration, and Health Canada have all published guidelines on how to meet cybersecurity requirements. For example, the FDA increased its assessment requirements for medical device cybersecurity, with a particular focus on their potential to compromise healthcare IT networks. The FDA guidelines include:
Cybersecurity Protection for Medical Devices
The interconnectivity of diagnostic technology advances healthcare, but it also introduces significant vulnerabilities. Efforts to improve cybersecurity protection can be applied in two ways:
The FBI has also provided guidance and recommendations to minimize vulnerabilities associated with medical device design. The most significant findings by the FBI were outdated software and a lack of adequate security features. Moreover, improving cybersecurity protection for diagnostic devices (and frameworks) depends on the system’s connectivity ability, features, and how it collects, logs, or transmits data. Cybersecurity protection features for diagnostic devices may include:
Manufacturers and service providers are not alone in upholding cybersecurity protection. The patient needs to be aware and vigilant against potential cybersecurity threats. Such cybersecurity protective measures are similar to those used by smart devices. These can include:
original source: https://cordx.com/blog/cybersecurity-for-diagnostic-devices-what-you-need-to-know/
Media ContactCompany Name: CorDxEmail: Send EmailPhone: +1 (858) 333-1122Address:3333 Piedmont Rd NE #700 City: Atlanta State: GA, 30305Country: United StatesWebsite: https://cordx.com/