Archives for 

Training

Network Connected Device Dangers

For those that have been through our training or heard me speak to one of their organizations, you know I touch on the subject of Network Connected Devices.

Network Connected Devices

These devices are already in many practices and have been for some time. If you remember a few years ago Vice President Dick Cheney  had minor surgery to get a modification to his pacemaker to increase its security. Recently researchers used a blue tooth enabled pacemaker to “kill” a patient simulator dummy in an educational setting.

With ease of access.  The security level for these devices is going down.

What sorts of devices will become prevalent in our clinical operations?  Pacemakers, Insulin Pumps, and even tooth brushes are already prevalent. IV delivery systems and ECG units have been wirelessly network connected for many years. So how easy is it for a criminal hacker to start the process of hacking a medical device?

Network Connected Devices

Devices Easily Discoverable

The US alone has more than 36,000 healthcare related devices that are easily discover-able on Shodan. A search engine for internet connected devices!  Not all are necessarily vulnerable to attack.  They are however publicly exposed making them more likely to be targets.

What can you do as a practice to safely utilize connected devices?

  • Have strong firewalls at your network perimeter
  • Ensure the device meets NIST (National Institute of Science and Technology) Standards
  • Utilize consultants and specialists to evaluate overall security
  • Segregate and separate “public” wireless from the practice network.
  • Keep all devices and systems patched and updated

By using a combination of best practices and common sense, you can improve patient quality of care with new technology, while maintaining safety and security of your patients and their data.

UPDATE – After this was posted there was a major recall of pacemakers.  The problem is that they could be hacked and the settings change.  Read about it here

 

Leadership a result of Communication and Example L=C*E

 Leadership is the result of this L=C*E Remedial Algebra? No, this is the formula where: L=Leadership C=Communications E=Example    This is truly the starting point for not just business success for your practice, but is essential for building a security culture within that practice. Without a culture of security, and its resultant attention to detail, […] Continue reading →