Hospitals to medtech: Clean up your cybersecurity act

This article was originally published here


[Image courtesy of Blogtrepreneur on Flickr, per Creative Commons 2.0 license]

A consortium of hospital associations wants the medical device industry to up its game when it comes to interoperability and data sharing, especially concerning cybersecurity.

The group issued a report this month to make recommendations for all stakeholders in the U.S. hospital care system, including providers, patients, physicians, insurers and industry. The Jan. 18 report, “Sharing Data, Saving Lives: The Hospital Agenda for Interoperability,” in part urged medtech makers to clean up their act regarding the security of patient data in the Internet era.

“Medical device manufacturers must do more to confront the privacy challenges that unsecurable devices may pose to hospitals and health systems,” the authors wrote. “Hospitals and health systems, clinicians and patients must be able to trust that the data being shared is accurate, secure and being used in accordance with best practices and patient expectations. Security and privacy requirements must be embedded into every layer of the infrastructure. This includes mechanisms to validate the practices and standards of third-party apps and APIs that allow more flexible sharing of data. The infrastructure also must include a mechanism for health care providers to verify that a request for information is authorized, and each entity with access to individuals’ data must be responsible for appropriately securing and using that data.”

Specifically, the AHA wants medtech to expand the “plug and play” approach in the design and function of its devices, enhance the security of data collected and transmitted by those devices and add lifecycle support for them.

More generally, the report identified six key issues “as the surest pathways to full interoperability,” including security and privacy; efficient, usable solutions; cost-effective, enhanced infrastructure; “standards that work;” connecting beyond electronic health records; and shared best practices.

“The ability to communicate vital health data is necessary to realize the full potential of our nation’s system of health care. This joint statement from seven leading associations representing America’s hospitals and health systems, and the physicians and care team members who practice within these systems, sets forth our agenda in support of the urgent need for continued momentum on improving interoperability among health information technology (IT) systems—a goal that holds great promise for lasting improvement in patient care. Together, we seek to enlist and expand public and private stakeholder support around this goal to benefit all individuals, their families and caregivers,” according to the report.

The hospital consortium that created the report includes America’s Essential Hospitals, the American Hospital Assn., the Assn. of American Medical Colleges, the Catholic Health Assn. of the United States, the Children’s Hospital Assn., the Federation of American Hospitals and the National Assn. for Behavioral Healthcare.

The post Hospitals to medtech: Clean up your cybersecurity act appeared first on MassDevice.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply