The worldwide ransomware attack that crippled Britain’s National Health Service earlier this month has highlighted just how susceptible healthcare facilities are to hackers. Are hospitals and medical offices prepared for such attacks? What should they be doing to get ready?
“This ransomware is a wake-up call for the few people still in denial,” says Kevin Fu, CEO and chief scientist of Virta Labs, Inc., speaking about individuals who don’t yet appreciate the threats hackers pose to healthcare delivery organizations. “Patients were denied scheduled heart surgeries. Ambulances were in disarray.”
In his keynote speech at the AAMI 2017 Conference & Expo, Fu will probe the risks, benefits, and regulatory issues related to medical device cybersecurity and will share his tips on how to develop trustworthy medical device software. The conference is set to run June 9-12 in Austin, Texas. AAMI is a nonprofit organization dedicated to the development, management, and use of safe and effective healthcare technology.
Fu is an associate professor at the University of Michigan where he directs the Archimedes Center for Medical Device Security and the Security and Privacy Research Group. His research into security vulnerabilities has been featured in numerous publications, including the The New York Times, and he is often credited with establishing the field of medical device security.
“I really appreciate AAMI recognizing the importance of the field, which is critical for the safety and effectiveness of medical devices,” Fu says. “Most medical devices were not designed with security in mind, and we’re still trying to catch up.”
This fact was evident when the not-for-profit HITRUST alliance reported that some medical devices were infected with the WannaCry ransomware that exploited unpatched versions of Microsoft’s Windows operating system.
Throughout the AAMI 2017 conference, the HTM professionals who service and support an array of complex and often life-critical medical devices and equipment in hospitals will have the opportunity to learn what they need to do to stay on top of the latest cyber risks.
Additional cybersecurity sessions will highlight:
- Medical device risk management programs that specifically address the unique needs of the healthcare environment
- Other cybersecurity risk controls and tools HTM professionals can incorporate into their medical device management activities
- Ways connected medical device security fits into a quality management system
- Strategies for securing electronic protected health information
Visit AAAM’s website for more information.
