WIBU-SYSTEMS
351

Digital Security in the Ever-Changing Connected Healthcare Landscape

MarketingWIBU-SYSTEMS AG on May 3, 2019 at 4:29 PM

The digital footprint of the healthcare landscape continues to expand as more and more medical devices come online, both next generation systems and legacy equipment, with many allowing remote access. Digital patient data continues to proliferate beyond the confines of the medical facility as well. This evolution necessitates a critical shift in focus onto digital security solutions that involve collaboration between device manufacturers and healthcare CIOs.

A recent report published by Gartner, Focus Now on Digital Security Opportunities Within Connected Medical Devices, shines a spotlight on three critical areas of impact on the digitalized healthcare industry:

  • Impact of healthcare data breaches on bottom line and brand equity is now creating the need for dedicated digital security services
  • Fuzzy regulations on digital security as a “Shared Responsibility” necessitate targeting medical device firms and healthcare providers
  • Connecting “Legacy” medical devices designed for the siloed IT age is creating a need for dedicated digital security solutions

Much recent attention has been focused on the vulnerabilities and security threats that have been exposed in medical device endpoints. From the standpoint of Wibu-Systems, we consider medical device endpoints to represent the greatest vulnerabilities for hackers. These endpoints can include any type of connected medical system, such as surgery robots, X-ray machines, MRI scanners, dental devices, infusion pumps, and patient monitors. 

Attacks on these endpoints can result in compromised device functionality, loss of data (medical or personal) availability, or integrity, or exposure of other connected devices or networks to security threats. These security breaches have the potential for catastrophic consequences resulting in patient illness, injury or even death.

We’ve worked with many companies on various aspects of medical device security, particularly on protecting medical device endpoints. Areas of focus include:

  • physical security to prevent uncontrolled changes to or the removal of the endpoint root of trust to provide confidence on the endpoint identity
  • integrity protection to ensure that the endpoint is in the configuration that enables it to perform its functions predictably
  • access control to ensure that proper identification, authentication and authorization protocols are performed
  • secure configuration and management to control updates of security policies and settings
  • monitoring and analysis for integrity checking, detecting malicious usage patterns or denial of service activities, and enforcing security policies and analytics
  • data protection to control data integrity, confidentiality and availability
  • security model and policy for governing the implementation of security functions

If you are planning to attend the T4M Medical Technology Meeting in Stuttgart, Germany, May 7 – 9, 2019, I will present a talk on how the increasing network of connected medical devices makes security critical to prevent tampering with configuration data and secure the confidentiality and integrity of patients’ records. I will also discuss the potential for new business models that will benefit device manufacturers, operators, and patients.

You can also learn more about medical device security mechanism and monetization opportunities in our customer case studies from Agfa HealthCareCUSTO MEDDentsply Sirona, and Fritz Stephan.

Login or register now and enjoy all the benefits of a community!

To get the whole functionality of IndustryArena Forum you need to login or register. This process is absolutely free.

Password forgotten?
Contact request
Guest Photo
Your message
The controller within the meaning of Art. 4(7) GDPR is: IndustryArena GmbH, Schneiderstr. 6, 40764 Langenfeld, Germany.
You may reach our data protection officer under [email protected].

Purpose of processing
We process your personal data concerning the use of the contact form and the communication with the company of the newsroom as well as the transmission of your data to this company in accordance to Art. 6 (1a) GDPR. This constitutes a legitimate interest for us in accordance to Art. 6 (1f) GDPR.

Recipient of the data
Within our organization, those units gain access to your data, which are necessary to fulfil the above purposes.
Personal data will only be transmitted to third parties if this is necessary for the aforementioned purposes or if another legal basis exists. If necessary, we conclude the corresponding data protection agreements with third parties, in particular pursuant to Art. 28 GDPR.

Data storing
Your data will be transmitted to the company of the newsroom for further processing. The period of storing is the duration of the processing of your request by the respective company.

Select contact person

Newsroom Logo

Design options

  • Title text color:
  • Content background:
  • Content text color:
  • Navigation background:
  • Tab text color:
  • Active tab text color:
  • Link text color:
  • Active link text color:
  • Background image Background color:

    How do you want to position the background-image?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the background image

  • Banner

    How do you like to align the banner?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the banner

  • Skyscraper

    Set the link for the skyscraper

Please note:

Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.