Hospitals and Medical Device Manufacturers Must Work Together on Cybersecurity
Alongside technology innovations and the frequent electronic exchange of health information, cybersecurity for medical devices and equipment has become a top priority for healthcare providers. Life sustaining medical devices, such as ventilators and infusion pumps, are now connected wirelessly to a variety of systems, networks and other tools within a hospital – ultimately contributing to the Internet of Medical Things (IoMT) and presenting potential points of breach as well as incremental costs and operating risk to providers.
Patient care disruptions and safety issues related to medical device security vulnerabilities are a critical concern as the number of IoMT medical devices is expected to skyrocket from 10 billion to 50 billion over the next decade. These cyberattacks not only threaten patient privacy and clinical safety and outcomes, but also a hospital’s financial resources. According to a recent report, the average breach costs in healthcare surpassed $10 million in 2022, with the industry maintaining its top rank for costliest industry breaches for the 12th consecutive year. Alongside direct costs related to a breach, providers may see added costs in hardware, software, firmware and labor.
It’s vital that manufacturers incorporate and sustain industry-identified cybersecurity best practices and data management controls over the reasonable economic life of IoMT devices and equipment. Hospitals today are taking critical security steps to safeguard clinical technologies, information systems and their network environment(s) while enhancing data protection capabilities – but cooperative and accountable action with manufacturers is necessary to further reduce cyber vulnerabilities and the unsustainable costs they drive.
