The Cybersecurity Concerns of Medtech

The Cybersecurity Concerns of Medtech

Medtech is a term used to describe technology and devices used in a medical care setting. Medtech is a broad category, and can include disposables, surgical equipment and procedure innovations, implant technology, biomaterials, connected health IT and essentially any and all devices with which a patient can be diagnosed or treated. These devices are almost always Internet of Things (IoT) devices or otherwise connected to a network, which makes them susceptible to cybersecurity vulnerabilities.

The healthcare industry is already a prime target for cyber attackers simply due to the amount of and value of data that is stored in and transferred between providers’ networks. In more recent attacks, cyber criminals have begun to more frequently attack the medical devices themselves, either for commercial gain or just to create difficulties for healthcare providers. Data breaches already pose a serious threat to the healthcare industry, but the malicious attacks against medtech devices put more than just personal health information at risk; they threaten the very wellbeing of patients everywhere.

Contaminated Devices

In 2017, a ransomware known as WannaCry, infiltrated the network for the National Health Service hospitals in England and Scotland. Approximately 70,000 of their devices – including medtech devices – were affected by the attack. That same ransomware also affected a Bayer Medrad device, only referred to as a “power injector,” in an unnamed U.S. hospital. The contamination of the device, which is said to be used to deliver a contrast agent into patients, raised major concerns throughout the healthcare industry – namely that attackers could harm patients by altering their medication dosing.

The U.S. Food and Drug Administration (FDA) warned healthcare providers in 2015 that a specific networked infusion pump was vulnerable to being accessed and controlled by unauthorized users, but it took a malicious attack to bring real attention to the issue.

More recently, the FDA issued recommendations regarding safe guards that manufacturers of medtech devices should include in their submissions for networked devices:

  • A hazard analysis that lists the cybersecurity risks considered and the cybersecurity controls incorporated into the device.
  • A traceability matrix linking the actual cybersecurity controls to the risks that were considered.
  • The manufacturer’s plans for validating and updating device software.
  • A description of controls in the software supply chain.

The medtech industry and the security of networked medical devices is relatively new and is still growing and evolving. While manufacturers work to make their devices more secure, healthcare providers should take the initiative to protect themselves and their patients from malicious attacks by obtaining cyber risk services from a knowledgeable service provider that specializes in cyber insurance solutions for the healthcare industry.

About Connected Risk Solutions

At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at (877) 890-9301.

About Connected Risk Solutions

At Connected Risk Solutions, we provide our agent partners with bold solutions for comprehensive insurance and risk management that are unmatched in the industry. We have market connections and collective decades of industry experience, including deep specialization in healthcare liability and managed care E&O, cyber and tech liability, management and professional liability, as well as captive management and risk management. We strive to develop creative solutions no other wholesaler can match and to help our agent partners give their clients the ability to achieve continued growth while simultaneously protecting against loss.

Our specialists, located in offices throughout the country, are responsive and engaged. To learn more, connect with us.

Table of Contents

Related Posts:
nursing home insurance
Safe Haven: Best Practices for Exceptional Care and Risk Mitigation in Nursing Homes
Providing quality care and protecting vulnerable residents should be the top priority for any nursing...
cyber insurance
Code Blue for Cyber Threats: Securing Patient Safety in the Digital Age
The healthcare industry increasingly relies on digital technology and interconnected systems to provide...
healthcare staffing agencies
Risk Management in Healthcare Staffing: The Importance of Excess Liability Coverage
Specialized healthcare staffing agencies play a crucial role in the healthcare industry by deploying...