Page 20 - Layout 1
P. 20
MEDICAL
TECHNOLOGY
MEDICAL TECHNOLOGIES:
OR
By David A. Schulz, CHP, CIPP
Wireless functionality of Dick Cheney’s heart implant was dis- Consider iStan, the $100,000 medical dummy described by man-
abled in 2013 for fear of hacking. Four years later, those reservations ufacturer CAE as “A fully mobile patient simulator with advanced
are more than justified. The FDA just recalled 465,000 pacemakers, physiology and functionality for unlimited training possibilities.” Re-
concerned about unauthorized command ac-
cess. The recall, happily, only involved a searchers at the University of Southern Ala-
firmware update in a doctor’s office, not in an bama “killed” it by hacking its embedded
operating theater. Not yet, anyway. pacemaker.
Nevertheless, the promises of intercon- "The simulator had a pacemaker so we
nected medical devices have not lost luster. could speed the heart rate up, we could slow
Providers and patients are adopting technolo- it down," the researchers reported. "If it had
gies at an unprecedented rate, in the hopes a defibrillator, which most do, we could have
they offer more patient-centric relationships shocked it repeatedly. It's not just a pacemaker
and reduced costs. A recent survey by Imaging — we could do it with an insulin pump, [or] a
Technology News showed 66 percent of number of things that would cause life-threat-
Americans would use a medical app to manage ening injuries or death."
health-related issues instead of a doctor. There
are now more than 97,000 mobile apps related to health and fitness, For those growing up with visions of the
most with little or no regulatory oversight. Starship Enterprise’s sickbay and Dr. McCoy’s
medical tricorder, med-tech is very enticing. In its emerging stage,
The FDA has established narrow criteria for medical app review though, it presents a significant challenge. The Health Care Industry
and approval, in three cases: if the app controls another medical Cybersecurity (HCIC) Task Force states the conundrum well:
device; or if the app turns the mobile platform “The health care system cannot deliver effective and safe care
into an actual regulated device; or if the app without deeper digital connectivity. If the
provides data analysis and offers patient-spe- health care system is connected, but insecure,
cific treatment or diagnosis. However, it does this connectivity could betray patient safety,
not regulate apps that store and/or transmit subjecting them to unnecessary risk and forc-
patients’ information, and admits its rules are ing them to pay unaffordable personal costs.
a work in progress.
“Our nation must find a way to prevent our
Even regulated devices are not immune to patients from being forced to choose between
skullduggery. The Hospira LifeCare Drug In- connectivity and security,” concluded the June
fusion Pump had a notorious vulnerability al- report. For now, it is up to providers to ques-
lowing remote alteration of drug dosage tion the security and vulnerabilities of new
delivery. Medtronic’s Paradigm Pumps used technology before adoption.
unencrypted and unauthenticated commands
to deliver insulin, opening them to unauthorized interference. Var- David Schulz, certified information privacy and cer-
ious Implantable Cardioverter Defibrillators (ICDs) were found to tified HIPAA professional, is executive director and CEO of Cyber Risk As-
be hackable by Bluetooth. The list gets longer as every new device sociates LLC in San Antonio. He is a community representative on the BCMS
presents new opportunities for malice. Communication/ Publications Committee.
20 San Antonio Medicine • November 2017
