The increased use of wireless, Internet, portable media, and frequent electronic exchange of medical device-related health information, have led to cybersecurity threats to healthcare sectors. It has become more frequent, more severe, and more clinically impactful. The FDA is finalizing a guide on cybersecurity to address these issues in a regulatory manner. It is titled “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices”.
Last year, the FDA issued warnings urging medical device-makers to patch their hardware against vulnerabilities. The following analysis of 5 million internet-of-medical-things (IoMT) devices found that 86% of healthcare deployments had more than 10 FDA recalls. Medical-device security is a chronic problem because healthcare budgets are focused on lifesaving care which means security often takes a back seat. Hackers are aware and take advantage to capitalize on this issue. They can cause disruption delivery of patient care, delay diagnoses and treatments, and may lead to patient harm.
Best practices to be adopted are to make a medical-device inventory, avoid using medical devices to surf the Internet, and disable unnecessary or unused services.