The latest healthcare technology news is focused on cybersecurity in medical devices. In this article, we’ll examine the new cybersecurity services from GE Healthcare, the Armis Platform, and the Center for Medical Device Cybersecurity at the FDA. Read on to learn about cybersecurity in the healthcare industry and the benefits it can bring to your practice. To keep your data secure, you should also learn about the latest developments in cybersecurity research.
GE Healthcare’s New Cybersecurity Service Offering
GE Healthcare has announced the launch of a cybersecurity solution called Skeye. This offering combines medical device expertise with artificial intelligence, process management tools, and cybersecurity expertise to help healthcare providers protect their networks and devices. Skeye provides proactive monitoring through a remote security operations center, allowing healthcare providers to identify threats and respond in a timely manner. It is part of GE Healthcare’s broader cybersecurity strategy.
The vulnerability exists in GE Healthcare’s Clinical Information Central Stations and Telemetry Servers. These devices are used in health facilities to display patient information and monitor their status from a central location. The vulnerabilities could allow an attacker to gain control of these devices, silence alarms, and interfere with the functioning of patient monitors connected to them. GE Healthcare has contacted affected health care facilities and providers and provided instructions on how to mitigate the risk.
The service offering will begin with a risk assessment and move through real-time discovery of networked devices. The cybersecurity Software Development Services will also include monitoring, threat detection, and remediation, according to GE Healthcare. These services can be delivered at an affordable cost. The new service offering will provide the healthcare industry with a more proactive cybersecurity strategy, while allowing healthcare organizations to better connect their IT and clinical teams. Customers will also benefit from GE Healthcare’s “SKEYE” product service.
GE Healthcare’s Armis Platform
GE Healthcare’s Armis Platform for medical devices offers a comprehensive approach to the management of clinical assets and security. Armis helps clinical teams manage the status and behavior of medical devices and keeps them up-to-date on security issues. Armis can integrate with a hospital’s IT asset management system or CMMS/CMDB to help manage and monitor mobile equipment. Armis can track the location of medical devices and other assets, as well as determine their usage, number, and value.
Security is a vital consideration for medical device vendors. Armis enables secure and scalable management of the explosion of connected medical devices and delivers comprehensive visibility, automated threat response, and enhanced risk management. It was recently named a Gartner Market Guide RepVendor for Medical Device Security Solutions. This latest release includes an enhanced risk management and automated threat response solution, Asset Vulnerability Management.
Armis has become a leading provider of cybersecurity solutions for connected healthcare assets. Armis’s platform offers complete asset visibility and cybersecurity intelligence across IT and OT environments. With a vast partner ecosystem and the world’s largest device knowledgebase, Armis is able to supercharge existing security and IT investments. And its solutions can be deployed using existing infrastructure. Moreover, Armis is a privately held company that is focused on security and privacy.
FDA’s Center for Medical Device Cybersecurity
The center is one of the federal agencies responsible for ensuring that medical devices are safe from cyberattacks. The agency serves as co-chair of the HPH HSCC Government Coordinating Council, a public-private partnership that addresses the cybersecurity issues facing the healthcare sector. It also co-chairs the cybersecurity working group and participated in the development of the Medical Device and Health IT Joint Security Plan, a total product life cycle reference guide.
To further strengthen the cybersecurity of medical devices, the agency has issued several draft guidelines and publications aimed at medical device manufacturers. These documents include draft guidelines on software functions and quality system regulations. While these draft guidelines aren’t binding, they could form the basis for implementing the security language in the House bill. For example, a manufacturer should include a bill of materials with every medical device to document the device’s lifecycle.
The FDA also released draft guidance in April 2018 that outlines a number of recommendations for manufacturers to improve their cybersecurity efforts. The draft guidance recommends that manufacturers include cybersecurity information on their products’ labels and website, and offers a list of specific information that should be included in these documents. This guidance is currently only available in English. It can be found on the FDA’s website.