AHA Comments on Security of Legacy Medical Devices

Jun 01, 2018 - 02:26 PM
AHA-comment

Legacy medical devices are “a key vulnerability for hospitals and health systems,” related to cybersecurity, and device “manufacturers must support end-users in providing a secure environment for safe patient care,” AHA today told leaders of the House Committee on Energy and Commerce. “This support should include wrapping security precautions around these devices, adding security tools and auditing capabilities where possible, conducting regular updates and patching all software, and communicating security vulnerabilities quickly through consistent channels,” AHA said in response to a committee request for information on how best to keep medical devices secure over their useful lifetimes. Among other comments, AHA said that the Food and Drug Administration must make clear that security measures to protect legacy devices are required, not optional. “As a regulator, the FDA has a leadership role in creating expectations that manufacturers proactively minimize risk by building security into products by design, providing security tools to their end-users, and updating and patching devices as new intelligence and threats emerge,” AHA said.

Related News Articles

Blog
Focusing on consumerism to drive value
In this AHA Stat Blog, Priya Bathija, vice president of AHA’s The Value Initiative, discusses manageable ways hospitals and health systems can become consumer-…
Headline
NIH funds genetic counseling resource for precision medicine initiative
The National Institutes of Health’s All of Us Research Program today awarded a health technology company $4.6 million in initial funding to provide genetic…
Insights and Analysis
How bold new ideas can advance health in rural communities
An invisible beam that detects ships and airplanes. An innovative drug that reduces cholesterol in a way no one has tried. The notion that tumors can be killed…
Headline
Health care sector urged to protect systems against Windows vulnerability
HHS’ Health Sector Cybersecurity Coordination Center urged health care organizations to install patches to protect their Windows systems against DejaBlue.
Headline
Groups sue to stop administration from implementing public charge rule
Thirteen states yesterday filed a lawsuit challenging a Department of Homeland Security final rule limiting the ability of legal immigrants to adjust or extend…
Headline
Appeals court reverses decision voiding CMS rule on Medicaid DSH audits
The U.S. Court of Appeals for the District of Columbia Circuit reversed the voiding of a rule that included Medicare and private insurance payments when…