Network World
May 9, 2019
Why is the state of medical IoT so scary?
Network World | May 9, 2019
Security is the Achilles’ heel of all modern IoT technology, but the consequences of medical IoT hacking, in particular, can be disturbingly serious. A look at the state of the connected devices commonly found in hospitals, and why you might want to be somewhat worried about it.
Copyright © 2019 IDG Communications, Inc.
Similar
To oversimplify a little – medical tech is evolving quickly: From the digitization of medical record-keeping to the advent of devices that actively help monitor and manage treatment, such as portable diagnostic devices, insulin pumps and more.
However, that evolution might be happening too quickly, when you consider the security issues that have been revealed about many of the devices that store our treatment information and even help manage our care.
There are a lot of layers to this issue, according to the experts. For one thing, the companies making devices are, obviously, medical device makers, who might not be the most sophisticated ones out there where security is concerned.
The bigger issue, however, is at the software level - the devices used to speed up and mechanize the actual tasks involved with patient care are disturbingly insecure. Ever since security expert and diabetic Jay Radcliffe demonstrated a trivially simple way to compromise his connected insulin pump in 2011, many in the security field have been trying to warn healthcare providers and the public that medical IoT gadgets are often unsafe.
Part of the problem is patching – a huge number of connected medical devices weren’t originally designed to be connected to the broader Internet, so the companies that made them aren’t used to issuing regular security patches.
Another issue is that a lot of the effort being spent on digital security in the medical field is focused on HIPAA compliance – an important issue, and one that’s crucial to keeping patient data private, but it means that there’s plenty of work being done on problems that aren’t medical IoT.
There’s no real end in sight, but most experts agree that any possible solution starts with getting IT security pros to work with healthcare providers, in order to get a clearer picture of what a functional, secure technological infrastructure around healthcare would look like.
However, that evolution might be happening too quickly, when you consider the security issues that have been revealed about many of the devices that store our treatment information and even help manage our care.
There are a lot of layers to this issue, according to the experts. For one thing, the companies making devices are, obviously, medical device makers, who might not be the most sophisticated ones out there where security is concerned.
The bigger issue, however, is at the software level - the devices used to speed up and mechanize the actual tasks involved with patient care are disturbingly insecure. Ever since security expert and diabetic Jay Radcliffe demonstrated a trivially simple way to compromise his connected insulin pump in 2011, many in the security field have been trying to warn healthcare providers and the public that medical IoT gadgets are often unsafe.
Part of the problem is patching – a huge number of connected medical devices weren’t originally designed to be connected to the broader Internet, so the companies that made them aren’t used to issuing regular security patches.
Another issue is that a lot of the effort being spent on digital security in the medical field is focused on HIPAA compliance – an important issue, and one that’s crucial to keeping patient data private, but it means that there’s plenty of work being done on problems that aren’t medical IoT.
There’s no real end in sight, but most experts agree that any possible solution starts with getting IT security pros to work with healthcare providers, in order to get a clearer picture of what a functional, secure technological infrastructure around healthcare would look like.
Popular
Featured videos from IDG.tv