504,555 active members
4,561 visitors online
Register for free
Login Register
WIBU-SYSTEMS Blog

Digital Security in the Ever-Changing Connected Healthcare Landscape

May 2019
03
med_wibu-systems
Author: med_wibu-systems
Company: WIBU-SYSTEMS AG
Digital Security in the Ever-Changing Connected Healthcare Landscape

The digital footprint of the healthcare landscape continues to expand as more and more medical devices come online, both next generation systems and legacy equipment, with many allowing remote access. Digital patient data continues to proliferate beyond the confines of the medical facility as well. This evolution necessitates a critical shift in focus onto digital security solutions that involve collaboration between device manufacturers and healthcare CIOs.

A recent report published by Gartner, Focus Now on Digital Security Opportunities Within Connected Medical Devices, shines a spotlight on three critical areas of impact on the digitalized healthcare industry:

  • Impact of healthcare data breaches on bottom line and brand equity is now creating the need for dedicated digital security services
  • Fuzzy regulations on digital security as a “Shared Responsibility” necessitate targeting medical device firms and healthcare providers
  • Connecting “Legacy” medical devices designed for the siloed IT age is creating a need for dedicated digital security solutions

Much recent attention has been focused on the vulnerabilities and security threats that have been exposed in medical device endpoints. From the standpoint of Wibu-Systems, we consider medical device endpoints to represent the greatest vulnerabilities for hackers. These endpoints can include any type of connected medical system, such as surgery robots, X-ray machines, MRI scanners, dental devices, infusion pumps, and patient monitors. 

Attacks on these endpoints can result in compromised device functionality, loss of data (medical or personal) availability, or integrity, or exposure of other connected devices or networks to security threats. These security breaches have the potential for catastrophic consequences resulting in patient illness, injury or even death.

We’ve worked with many companies on various aspects of medical device security, particularly on protecting medical device endpoints. Areas of focus include:

  • physical security to prevent uncontrolled changes to or the removal of the endpoint root of trust to provide confidence on the endpoint identity
  • integrity protection to ensure that the endpoint is in the configuration that enables it to perform its functions predictably
  • access control to ensure that proper identification, authentication and authorization protocols are performed
  • secure configuration and management to control updates of security policies and settings
  • monitoring and analysis for integrity checking, detecting malicious usage patterns or denial of service activities, and enforcing security policies and analytics
  • data protection to control data integrity, confidentiality and availability
  • security model and policy for governing the implementation of security functions

If you are planning to attend the T4M Medical Technology Meeting in Stuttgart, Germany, May 7 – 9, 2019, I will present a talk on how the increasing network of connected medical devices makes security critical to prevent tampering with configuration data and secure the confidentiality and integrity of patients’ records. I will also discuss the potential for new business models that will benefit device manufacturers, operators, and patients.

You can also learn more about medical device security mechanism and monetization opportunities in our customer case studies from Agfa HealthCareCUSTO MEDDentsply Sirona, and Fritz Stephan.

Blog Archiv

September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
October 2016
September 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016