Tag Archives: blockchain

Contrasting Healthcare Cybersecurity Risks Speculation with Reality

How Hackers are Costing Hospitals Millions of Dollars Possibly Hindering Wearable Medical Device and IoT Healthcare Innovations That Could Advance Patient Care

Medical Device Cybersecurity

In our last blog, we discussed an article, “Hackers Will Target Hospitals Like Never Before in 2017.” This time, we are again discussing an article big, scary headline that relates to hackers and healthcare cybersecurity—but with a twist.

 

The twist is that last week’s headline used the auxiliary verb “will” to speculate about potential cybersecurity risks, as where this week’s past-tense headline reflects on the harsh realities and outcomes of those risks: “Hackers Hit 320% More Healthcare Providers in 2016 than in 2015, Per HHS Data.”

 

If indeed both headlines are accurate, then a certain logic dictates hackers will hit at least 321% more healthcare providers in 2017 than in 2016. But it’s not the numbers themselves that are most interesting; instead, what’s most interesting is where they came from: the U.S. Department of Health and Human Services.

 

HHS apparently takes hospital hacking pretty seriously, as illustrated in the article:

 

“$23,505,300 was paid to the HHS Office for Civil Rights in 2016 to resolve HIPAA violations that occurred at 13 provider organizations during 2012-2013.”

 

Obviously, HHS’ concern is for the patient privacy—and violations are obviously costly…and presumably getting costlier. After all, if the average fine during 2012–13 was more than $1.8 million, and if the frequency of hacking continues to increase as expected, then presumably, HIPAA violations and the millions of dollars in fines will increase too.

 

Along with the unfortunate loss of privacy for some patients, there’s also the unfortunate economic reality involved in this: Somebody will have to pay, which usually means the customer (read: patients).

 

Extending this notion further, there’s also the economic impact on hospitals being willing to adopt new technologies—such as wearable medical devices and IoT healthcare devices—that require access to those same hackable networks and arguably make them more vulnerable. Not only does this hurt patients that might benefit from hospitals that might otherwise be more inclined to adopt wearables, but of course, it arguably slows innovation, which certainly does not benefit medical device designers and developers.

 

The article adds a point in this context:

 

“Risks are no longer just about loss or theft of data. The ransomware attacks of 2016 show how security incursions can restrict the availability of health data to providers, impacting their ability to deliver care.”

 

If there is a silver lining, it’s that healthcare and technological innovation are difficult forces to slow down. From the doctors that commit their lives to healing others to the medical device designers that thrive on making products better, faster, smaller, etc. for those doctors, one can hope that the good guys will continue to keep a step ahead of the bad guys. The pivotal factor, of course, is cybersecurity—a topic we’ve also been following closely in this blog.

 

However, as we said last week, this leads to the current technological Gordian knot in our industry: Digital security technologies like Blockchain can protect the good guys from the bad guys—but it also can make it harder to protect the good guys from the bad guys. Watch this space for more on this subject…

 


 

DeviceLab is an ISO-13485 certified medical device development company that has completed more than 100 medical device design projects of varying complexity—including medical device software development and wireless medical device design services for the newest breeds of medical IoT, mHealth and medical wearables.

Top 3 Medical Device Design and Development News and Blogs of the Week: April 9, 2017

This week examines issues related to news about healthcare network security and hackers, safe deployment of medical devices, and a Toronto hospital’s new wireless healthcare network.

DeviceLab is keenly interested in diverse aspects that relate to medical device design and development—in particular, mHealth and healthcare IoT. When we find information particularly exceptional or interesting, we often share it on our @devicelab Twitter feed (which we encourage you to follow). This is a weekly post that shares the best medical device design and development information that we found from the previous week.

 

1. Hackers Will Target Hospitals Like Never Before in 2017

On the surface, this is a significant article because it warns of the possibility that “ransomware damages will reach $1 billion” through the “convergence of vulnerable legacy hardware and software systems and the emergence of connected health, Internet of Things devices that are not always built with security in mind.”

 

However, it is also significant after what we wrote last week with regard to healthcare network security as it relates to potential solutions via blockchain and the risks associated with data storage. How so? One word: Bitcoin.

 

As this article explained:

 

“Bitcoin, in fact, has enabled and encouraged criminals to pursue ransomware attacks.”

 

Bitcoin, for those that may not know, relies upon blockchain. And therein lies a problem for blockchain’s potential to be embraced by healthcare IT—which impacts how mHealth and IoT medical device designers and developers create new products. As quoted in one of the featured articles in our blog last week, there is a “mistrust of the technology” due to blockchain’s association with ransomware and use as payment for illegal items on the Dark Web.”

 

Arguably, this is a technological Gordian knot: Blockchain can protect the good guys from the bad guys—but it also can make it harder to protect the good guys from the bad guys.

 

2. How to Securely Deploy Medical Devices

Similar to the last article, this also has multiple layers of significance. On the surface, it concisely explains a new series of best practices that are a response to the:

 

“…Food and Drug Administration (FDA) issuing both premarket’ (2014) and ‘postmarket’ (2016) guidance for improving security in the development and manufacture of connected medical devices.”

 

And once again, this very challenging and complex matter of ensuring that both HIT and medical device design & development are keeping pace with embracing new innovations while also being mindful of the fact that:

 

“…many organizations could have dozens to hundreds of legacy devices, designed to last a decade or more, that don’t meet modern best-practice standards.”

 

For that matter, the challenges of securely integrating legacy technology with new technology is something we also explored last when we shared an article about healthcare data storage security.

 

3. Toronto Hospitals First in Canada to Implement Complete Wireless Network

Finally, this article continues this week’s theme of multilayered significance. On the surface, it’s simply exciting news, because it’s another bit of evidence that healthcare connectivity is no longer the future of healthcare, but instead, is slowly but surely becoming the now of healthcare (read: state of the art).

 

The other layers of significance should be obvious, because if indeed connected healthcare is what may be considered state-of-art (which relies upon connected medical devices, IoT medical devices, etc.), then that means protecting the security of connected healthcare (and its medical devices) need to continue to at the forefront of discussions in medical device design and development.

 


 

DeviceLab is an ISO-13485 certified medical device development company that has completed more than 100 medical device design projects of varying complexity—including medical device software development and wireless medical device design services for the newest breeds of medical IoT, mHealth and medical wearables.

Top 3 Medical Device Design and Development News and Blogs of the Week: April 2, 2017

This week’s top news and blogs include securing wireless and IoT medical devices health data with blockchain and Cloud networks, and a new IoT institute at the University of Florida.

 

DeviceLab is keenly interested in diverse aspects that relate to medical device design and development—in particular, mHealth and healthcare IoT. When we find information particularly exceptional or interesting, we often share it on our @devicelab Twitter feed (which we encourage you to follow). This is a weekly post that shares the best medical device design and development information that we found from the previous week.

 

1. Blockchain Can Help Secure Medical Devices, Improve Patient Privacy

 

For months, we’ve been sharing articles and writing about security for wireless medical devices—especially as a crucial obstacle for exploiting the tremendous mHealth potential for medical IoT devices.

 

And for months as we’ve been following and researching this topic, the concept of blockchain as a potential solution has frequently occurred.

 

This preface is an important reason for why this article is being highlighted this week, because it immediately touches on one of the problems with embracing blockchain for any industry, much less healthcare:

 

“…mistrust of the technology because of blockchain’s potential performance problems, and its association with ransomware and use as payment for illegal items on the Dark Web.”

 

Blockchain’s appeal—and potential for misuse—is because it does its job very well: It’s decentralized network of nodes makes it incredibly secure, and thus, private.

 

On the other hand, it’s akin to the situation in 2015-2016 when the FBI couldn’t hack the iPhone from the San Bernardino terrorist attack: Another case of technology working a little too well. And that’s the problem with blockchain, or, as the article explains:

 

“Since blockchain is decentralized, public blockchains with nodes in other countries may present problems if they don’t move to new code bases as revisions become available.”

 

2.

Healthcare Data Storage Options: On-Premise, Cloud and Hybrid Data Storage

This article addresses importance of security for wireless medical devices in another light: data storage. However, the differences between this and the previous article are noteworthy because of how they address the problem/solution paradigm faced by healthcare providers and the medical device design and manufacturing companies that make products for them.

 

Most simply, blockchain is a potential solution to the problem of securely transferring of health data. However, securely storing that health data in a network is another matter—especially if it will be accessed by physicians and patients (via mHealth and IoT devices, for instance).

 

In past years, healthcare intranets were precisely that: networks within the organization that either didn’t connect to the outside world or didn’t need to. However, as the article explains:

 

“One of the biggest data storage challenges healthcare organizations face is how to piece together legacy systems while integrating new systems into the infrastructure.”

 

Along with finding solutions that address the singular issue of security, there are other related—and important—issues such as cost, and this is where the riddle of in-house vs. outsourced (and traditional vs. cloud) data storage becomes more complex.

 

3. A More Secure, Connected Future: New Institute at University of Florida Will Focus on IoT

A couple weeks ago, we wrote about a Department of Defense grant to the University of Auburn to develop mobile medical device technology for diabetes management. Now there is news about the University of Florida launching an entire institute for the study and advancement of IoT!

 

Similar to what we said about Auburn, this is exciting news because it is yet another indication of the high expectations and potential for wireless technologies such as IoT. These are exciting times!

 


DeviceLab is an ISO-13485 certified medical device development company that has completed more than 100 medical device design projects of varying complexity—including medical device software development and wireless medical device design services for the newest breeds of medical IoT, mHealth and medical wearables.