May 13, 2019

Hospitals homing in on medical device cybersecurity

Computer with MRI scans

Computer showing MRI brain scans. Photo: Gina Ferazzi/Los Angeles Times via Getty Images

Hospitals are pushing medical device makers to ensure the security of their products, a response to increased reports of cyberattacks and a growing recognition of their costs, the Wall Street Journal reports.

What's happening: Hospitals are running tests to detect device weaknesses, asking manufacturers to reveal proprietary software to assess vulnerabilities, and sometimes rejecting bids or canceling orders for devices that don't have adequate safety features.

  • Some of hospitals' requests have caused tensions with device manufacturers, although there's also collaboration between the two parties.

The big picture: As health care has increasingly digitized, hospitals have become more aware of the threat of cyberattacks — and how that threat is amplified by the increase in health care devices that are connected to the internet.

  • Hospitals have both financial and patient safety concerns, especially as the threat becomes more real.
  • Health care companies — including hospitals — reported 148 hacks that exposed personal health information last year. Only 5 were reported in 2009.
  • The Department of Homeland Security issued 30 advisories last year about cybersecurity vulnerabilities in medical devices — an increase from 16 the year before.

Go deeper: Mental health is new focus at premier cybersecurity conference

Go deeper