The cybersecurity risk associated with connected medical devices leads to heightened concern from regulatory bodies, healthcare professionals, and the media.
The confidentiality, integrity, and availability of patient infusion data are critical to the safe and efficient delivery of patient care. Cybersecurity risks associated with this data are at the core of concerns from those who are intimately involved with the protection of reliable, actionable patient data.
Cybersecurity used to mean simply protecting the perimeter of a hospital’s IT system with firewalls. The increasing sophistication of cybercrime, including ransomware, means hospitals need to focus on threat detection from the inside too. Every point where a user can enter a system—including through connected medical devices—needs to be appropriately secured.
From a regulatory perspective, organizations such as the US Food and Drug Administration (FDA) expect manufacturers to analyze, control, and share cybersecurity risks. The FDA has released guidance for pre-market submissions and post-market management of cybersecurity for medical devices as an integral part of the product life cycle.