Author: Rami Azulay | Master ALM for Medical Device

In this article we have compiled a set of RISKs that you may want to consider in your RMF file, to better protect your medical device from future Cyber Security attacks. While the 2017 data is still sketchy, we can determine that security hacks of electronic medical records have more than doubled in 2015, costing the healthcare system at least $50 billion. This information is as per a new report from the American Action Forum. Recent 2017 cyber security attacks have not surpassed health care systems, and so we must address  how we should handle  such breaches.

It is our goal at ORCANOS to address health care systems security. We are seeking to come up with true practical actions that can be performed by any medical device vendor. Through  our ORCANOS | RISK management system, you can address cyber security events that are related to medical devices. This system is now available for you on our evaluation system;  you may  register on our web site www.orcanos.com.

A RISK based approach is the best way for any medical device vendor to both analyse  and mitigate cyber security breaches. The RISK system also forces the vendor to walk through the device design analysis so as to understand possibilities for security breaches.

In this post, the RISK based process is shortened for you, and we update you on  recent cyber attacks, as well as suggest how you can  handle them; based on  your device. The full list of RISKs on our evaluation system is available for FREE.

Electronic Health Record Systems

The most widely attacked systems at this time, are Electronic Health Record (EHR) systems. These attacks are not EHR specific, but impact other systems that are connected to the EHR. While the adoption of EHR systems promises tremendous benefits, including better care and decreased healthcare costs; serious unintended consequences from the implementation of these systems have emerged. Why is healthcare data such a target?  For one, data indicate that health care information is worth 10 to 20 times more than credit cards information on the black market (selling for at least $10 each). Additionally, medical information compared to credit card fraud, can be used in different ways – to access bank accounts, defraud insurers and governments, and obtain prescriptions.

So here are 4 ways to control this risk.

Electronic health records can be compromised

Pacemakers or insulin pumps vulnerability to high profile attacks

The recent introduction of Internet Of Things (IOT) into  medical device softwares, has  significantly exposed them to potential cyber attacks. One  case study discusses  an attack on of a “smart” insulin pump. According to the study, a hacker  could  kill the patient by ordering an insulin injection when none was needed. So-called “smart” devices are notoriously weak  when it comes to digital security. We have  seen too many high profile cases where  significant preventable damage was done. Equipment manufacturers often can’t be bothered to insert  reasonable security measures into the equipment they sell. This  means that  if your device is in some way connected to a network, it is critical that you ensure that access to your device is only possible by authorized personnel, and that your communication protocols are all encrypted or scrambled to the highest security network layer.

Pacemakers or insulin pumps vulnerability to high profile attacks

There are far more  RISKs we would like you to know about, which can  help you improve existing security, protecting your device from the next cybersecurity attack.  Over the past 12 years, ORCANOS has gathered intelligence and experience to provide you with the best system to manage security RISKs. Go ahead and register today for your FREE 30 days evaluation system.

The post Tip Of The Week – RISKs To Protect Your Medical Device From the Next Cyber Security Attack appeared first on orcanos.