Wirelessly connecting infusion pumps to point-of-care medication systems and EHRs improves healthcare delivery but also increases cybersecurity vulnerability, warned NIST and the National Cybersecurity Center of Excellence (NCCoE) in a new guide.
If not properly secured, wireless infusion pumps open healthcare delivery organizations (HDOs) to access by hackers, breach of PHI, loss or disruption of equipment and services, and damage to reputation, productivity, and revenue.
“With an increasing number of infusion pumps connecting to networks, the vulnerabilities and risk factors become more critical, as they can expose the pump ecosystem to external attacks, compromises, or interference,” warned the guide, NIST SP 1800-8: Securing Wireless Infusion Pumps.
Wireless infusion pumps are challenging to protect, the guide observed. They can be infected by malware, which can cause them to malfunction or operate differently than originally intended. Unfortunately, traditional malware protection could negatively affect the pump’s ability to operate efficiently.
In addition, most wireless infusion pumps contain a maintenance default passcode. “If HDOs do not change the default passcodes when provisioning pumps, and do not periodically change the passwords after pumps are deployed, this creates a vulnerability. This can make it difficult to revoke access codes (e.g., when a hospital employee resigns from the job). Furthermore, information stored inside infusion pumps must be properly secured, including data from drug library systems, infusion rates and dosages, or PHI,” the guide noted.
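The three provisioning failures the guide singles out (default passcodes left in place, no periodic rotation, and access codes that cannot be revoked when staff leave) are all checkable against an asset inventory. The following audit is an added example written for this article; it is not code from NIST or the SP 1800-8 build. The inventory records, the set of default passcodes, the 90-day rotation interval and the field names are all constructed assumptions standing in for whatever an HDO's real asset register and credential policy contain.

```python
from datetime import date

# Constructed assumptions (not from the guide): passcodes a vendor might ship
# as maintenance defaults, and the rotation interval an HDO policy might set.
DEFAULT_PASSCODES = {"0000", "1234", "admin"}
ROTATION_DAYS = 90

# Constructed sample inventory. A real register would come from the HDO's
# asset-management system; these rows exist only to exercise the checks.
PUMPS = [
    {"asset_id": "PUMP-001", "passcode": "0000",
     "last_rotated": "2024-05-20", "authorized_users": ["nurse_a"]},
    {"asset_id": "PUMP-002", "passcode": "Q7r!92Lp",
     "last_rotated": "2024-01-15", "authorized_users": ["nurse_b", "tech_x"]},
    {"asset_id": "PUMP-003", "passcode": "mZ3#kd0V",
     "last_rotated": "2024-04-10", "authorized_users": ["nurse_c"]},
]

# Constructed HR feed of accounts that should no longer hold pump access.
REVOKED_USERS = {"tech_x"}

# Fixed audit date so the example is reproducible offline.
AUDIT_DATE = date(2024, 6, 1)


def audit_pump(pump, today, revoked_users,
               default_passcodes=DEFAULT_PASSCODES, rotation_days=ROTATION_DAYS):
    """Return a list of finding tags for one pump record (empty list = clean)."""
    findings = []

    # 1. Default maintenance passcode never changed at provisioning.
    if pump["passcode"] in default_passcodes:
        findings.append("default-passcode")

    # 2. Passcode older than the rotation policy allows.
    last_rotated = date.fromisoformat(pump["last_rotated"])
    if (today - last_rotated).days > rotation_days:
        findings.append("stale-passcode")

    # 3. Access still granted to users the HDO has revoked (e.g. resigned staff).
    leftover = sorted(set(pump["authorized_users"]) & set(revoked_users))
    if leftover:
        findings.append("unrevoked-access:" + ",".join(leftover))

    return findings


def audit_inventory(pumps, today, revoked_users):
    """Map every asset_id in the inventory to its list of findings."""
    return {p["asset_id"]: audit_pump(p, today, revoked_users) for p in pumps}


if __name__ == "__main__":
    for asset_id, findings in audit_inventory(PUMPS, AUDIT_DATE, REVOKED_USERS).items():
        status = ", ".join(findings) if findings else "ok"
        print(f"{asset_id}: {status}")
```

Each finding tag corresponds to one of the guide's three concerns, so the output can be fed straight into the remediation workflow (re-provision, rotate, or revoke) rather than requiring someone to read through the inventory by hand.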
The wireless infusion pump ecosystem creates a large attack surface, due to vulnerabilities in operating systems, subsystems, networks, or default configuration settings that could allow unauthorized access.
Because many infusion pump models can be accessed and programmed remotely through a wireless network, vulnerabilities could be exploited by an unauthorized user to interfere with the pump’s function, harming a patient through incorrect drug dosing or the compromise of that patient’s PHI.
These risk factors expose the wireless pump ecosystem to external attacks, compromise, or interference, the guide warned.
To counter these threats, SP 1800-8 offers HDOs best practices on how to manage wireless infusion pumps and related assets, protect against threats, and mitigate vulnerabilities.
After conducting a risk assessment, the NCCoE developed an example implementation that demonstrates how HDOs can use standards-based, commercially available technologies to protect the infusion pump ecosystem, including patient information and drug library dosing limits.
NIST and NCCoE recommended a “defense-in-depth” strategy for protecting wireless infusion pumps and their supporting systems: layering security controls so that no single control becomes a single point of failure for the organization.
The strategy is designed to reduce cybersecurity and operational risk, such as the loss of PHI or interference with medical device operation.
In the guide, the security characteristics of the wireless infusion pump ecosystem are mapped to the NIST Cybersecurity Framework and the HIPAA Security Rule.
“As infusion pumps continue to evolve as part of an IoMT [internet of medical things] ecosystem, capabilities, including endpoint encryption and identity and access management may become available, thus further enhancing automated management of the medical device zone,” the guide noted.
“Over the course of time, manufacturers may consider the application of future technologies, or may need to address unanticipated threats in a novel fashion,” it added.
The guide demonstrated how biomedical, networking, and cybersecurity engineers and IT professionals can securely configure and deploy wireless infusion pumps to reduce cybersecurity risk.
Companies that worked with NIST and NCCoE on the guide include B. Braun Medical, Baxter, BD, Cisco, Clearwater Compliance, DigiCert, Hospira, Intercede, MDISS, PFP Cybersecurity, Ramparts, Smiths Medical, Symantec, and TDi Technologies. The NCCoE was established in 2012 by NIST in partnership with the state of Maryland and Montgomery County, Maryland.