/ Healthcare | Security

The Security Of Medical Devices – What’s Being Done?


The connected medical device market is booming, driven by the need to increase efficiency and accountability, lower treatment costs, and improve patient care. There are currently 3.7 million connected medical devices in use today and the number of remotely monitored medical patients will reach 50.2 million over the next four years. Thanks to the Internet of Things (IoT) based medical devices patients can get out of the hospital more quickly and in some cases even skipping a stay altogether saving organizations money.


There is also big money to be saved by healthcare organizations that adopt IOT-based medical devices. But there is also big money to be lost if the right measures aren’t put in place. Healthcare is among the most targeted industries for cyber attackers because of the wealth of data that can be accessed. In 2017, more than 500 patient records affecting over 4.7 million people were breached at 295 healthcare providers. Data breaches in the healthcare sector cost upwards of $6 billion per year according to IBM and the Ponemon Institute

Healthcare devices such as insulin pumps, defibrillators, CPAP machines, cardiac monitoring devices and oxygen tanks are now quite entrenched in remote monitoring, providing patients, and their caregivers, valuable real-time information, without being tethered to a hospital or healthcare facility. However, the connectivity in these devices also brings risks. Realistically, if your Fitbit gets hacked there is no real harm done, but the hack to a child’s diabetes insulin pump could be life threatening at the push of a button.

So what is being done?

Medical device companies need to partner with healthcare providers to create strategic plans that focus on better protection around remotely-monitored devices. The FDA has issued guidelines for connected medical devices security that can help medical device manufacturers implement a set of practices around the security of medical devices from cyberattacks and unauthorized access. They also issued a medical device security action plan earlier this year. In the action plan, the FDA describes steps it plans to take in the following areas:

  • Establish a medical device patient safety net
  • Explore regulatory options to streamline implementation of post market mitigations
  • Spur innovation towards safer medical devices
  • Improve medical device cybersecurity
  • Integrate the Center for Devices and Radiological Health’s premarket and post market offices and activities to expand the use of a total product life cycle approach to device safety

To learn more about Involta Secure, click here to visit our website and to watch our Involta Security Video.

Related Resources