Healthcare Information Security

Medical Device Security

IoT Devices, Ultrasound Machines Pose Risk to Health IT Network

March 12, 2019 - The weakest link of a healthcare IT network is IoT devices, cloud, and mobile, including ultrasound machines, due to legacy operating systems and open source systems, according to a new report from Check Point Research. The researchers found that in many scenarios these devices are easy to hack into, putting the massive storage of patient data at risk. Specifically, the researchers...


More Articles

Hospitals, Banks Face Greatest Financial Impact from Cyberattacks

by Jessica Davis

Hospitals, security firms, banks, market infrastructure providers potentially face the greatest financial impact from cyberattacks, which could lead to a weakened credit profile, according to a recent Moody’s Investors Service...

HIMSS19 to Showcase Compliance, Device Security, Vendor Management

by Jessica Davis

Cybersecurity, compliance, medical device security, and other pressing security matters will take center stage at the HIMSS19 annual conference, taking place February 11-15 in Orlando, Florida. Throughout the conference, visitors can...

DHS Alerts to Vulnerabilities in Stryker and BD Medical Devices

by Jessica Davis

The Department of Homeland Security National Cybersecurity and Communications Integration Center released two advisories on Tuesday, notifying the healthcare sector of vulnerabilities in Stryker medical beds and Becton, Dickinson (BD)...

HSCC Releases Joint Medical Device Security Lifecycle Guidance

by Jessica Davis

The Healthcare and Public Health Sector Coordinating Council (HSCC) released its medical device guidance on Monday, to help vendors, providers, and other stakeholders secure these devices throughout the product lifecycle. HCSS is a...

Improving Medical Device Security Beyond Patching, Traditional Tools

by Jessica Davis

Medical device security was thrust into the spotlight in 2018, as the Food and Drug Administration continued to bolster its cybersecurity program. In fact, an August MedCrypt report found that since the FDA released its cybersecurity...

Medtronic Ventilator Recalled by FDA for Software Update

by Jessica Davis

The Food and Drug Administration released an alert about a global voluntary corrective field action on Medtronic’s Puritan Bennett 980 ventilators. The action was announced this week and began on September 19. The FDA classified the...

DHS Finds Encryption Vulnerabilities in Medtronic Programmers

by Jessica Davis

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team discovered encryption vulnerabilities in Medtronic’s 9790 and 2090 CareLink Programmers and 29901 Encore Programmers that could...

Cybersecurity Vulnerabilities Flagged in Roche Handheld Devices

by Fred Donovan

ICS-CERT is warning about cybersecurity vulnerabilities in Roche point-of-care handheld medical devices. The devices, which go by the names Accu-Chek and CoaguChek, suffer from improper authentication, OS command injection, unrestricted...

Many IT Pros Lack Budget for Connected Medical Device Security

by Fred Donovan

A disturbing 41 percent of healthcare IT professionals do not have a separate or sufficient budget for connected medical device security, according to a recent survey by Propeller Insights on behalf of Zingbox. Despite this lack of...

FDA Needs Procedures for Recalls of Vulnerable Medical Devices

by Fred Donovan

HHS OIG is recommending that the FDA establish and maintain procedures for handling recalls of vulnerable medical devices that can be exploited by attackers or other unauthorized users. In addition, OIG advises the FDA to establish...

Cybersecurity Vulnerabilities Lurk in Brain Stimulation Devices

by Fred Donovan

Neurostimulators have cybersecurity vulnerabilities that could be exploited by hackers to get access to the devices, manipulate them, and steal data transmitted by them. This was the conclusion of a report prepared by security firm...

Medical Devices and Other Endpoints Offer Attractive Targets to Attackers

by Insight

“Attackers see medical devices and other endpoints in the healthcare environment as rich targets,” explains Julie Connolly, principal cybersecurity engineer at MITRE. Connolly identifies several security problems with medical...

FDA Takes Steps to Beef Up Medical Device Security Bona Fides

by Fred Donovan

The FDA has taken some recent steps to beef up its bona fides in medical device security. First, it recently signed a memorandum of agreement with the Department of Homeland Security to implement a new framework for increased...

NCCoE Unveils Vendor Partners for Medical Device Security Project

by Fred Donovan

The NIST-backed National Cybersecurity Center of Excellence (NCCoE) unveiled this week an initial set of vendor partners for a medical device security project called Securing Picture Archiving and Communication Systems (PACS). The vendor...

FDA Warns of Cybersecurity Vulnerabilities in CareLink Programmers

by Fred Donovan

The FDA has issued a medical device safety alert about cybersecurity vulnerabilities in Medtronic’s CareLink programmers that could enable an attacker to change the functionality of the programmer or the implanted pacemaker it...

Same Cybersecurity Vulnerability Uncovered in Different Devices

by Fred Donovan

Security researcher Dan Regalado at Zingbox uncovered the same cybersecurity vulnerability — information exposure through an error message — in two medical devices made by different manufacturers. Regalado then notified the...

Healthcare IT Execs Lack Confidence in Medical Device Security

by Fred Donovan

More than 60 percent of healthcare IT executives lack confidence that their current medical device security strategy protects patient safety and prevents disruptions in care. The survey found that only 39 percent of respondents were...

HPH SCC Set To Issue Cybersecurity Best Practices for Healthcare

by Fred Donovan

The Healthcare and Public Health Sector Coordinating Council (HPH SCC) soon plans to release voluntary cybersecurity best practices for medical device manufacturers and healthcare providers, the groups announced Oct. 1 on the kickoff...

FDA Unveils MITRE’s Medical Device Security Playbook

by Fred Donovan

The FDA released Oct. 1 a medical device security playbook it developed with MITRE to advise healthcare organizations on securing their medical equipment.  The playbook is intended to enable healthcare organizations plan for and...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...