- Gartner EMM Report Highlights Mobile Security Advancements
The report stated that medical devices are vulnerable to attacks because they constantly store and transfer PHI. The rise of advanced IT infrastructure and connected hospitals demand better and more inclusive medical device security solutions.
“The increasing adoption rate of connected devices by consumers, use of mobile health applications/devices (home care), government regulations, lack of security testing on medical devices, and increasing initiatives toward connected hospital are expected to drive the market,” the report stated. “In addition, lack of knowledge and access control, pressure to meet production activities, and standardization of technology are few challenges hampering the medical device security market growth.”
A recent Ponemon study also found that there is a significant lack in connected medical device security.
Nearly one-third of device manufactures and healthcare organizations are aware of the potential negative affects unsecured devices have on patients and their health data. However, only 17 percent of device manufacturers and 15 percent of healthcare organizations are taking significant steps to prevent attacks from vulnerable connected medical devices.
The study showed that the growth of mobile device usage across the healthcare industry significantly increases security risks because mobile devices are inherently difficult to secure.
Eighty percent of medical device manufacturers and users said medical devices are very difficult to secure. Only 25 percent of respondents said security protocols or architecture built inside devices adequately protects clinicians and patients.
"The security of medical devices is truly a life or death issue for both device manufacturers and healthcare delivery organizations," Ponemon Institute Chairman and Founder Dr. Larry Ponemon said in a statement. "According to the findings of the research, attacks on devices are likely and can put patients at risk. Consequently, it is urgent that the medical device industry makes the security of its devices a high priority."
The study also revealed that only 44 percent of entities follow FDA guidance to reduce security risks in medical devices.
Earlier this week the FDA released its final guidance for smart and secure interactions among medical devices. The guidance stressed the importance of medical device interoperability for security as organizations continue to incorporate devices into their network ecosystem.
“As electronic medical devices are increasingly connected to each other and to other technology, the ability of these connected systems to safely and effectively exchange information and use the information that has been exchanged becomes increasingly important,” FDA wrote. “Advancing the ability of medical devices to exchange and use information safely and effectively with other medical devices, as well as other technology, offers the potential to increase efficiency in patient care.”
Organizations can increase the safety of their medical devices by focusing on the data that’s exchanged among the devices and taking steps to secure it. If devices are designed with interoperability as an objective, the FDA states that it will significantly improve safety.
Entities looking to improve their medical device security should adhere to FDA recommendations and look for a solution that has interoperability and secure data exchange features.