Medical Device Security Workshop Slated

HIMSS Session Offers Regulatory, Research, Practitioner Views
Medical Device Security Workshop Slated

Medical device cybersecurity doesn't get as much attention from organizations as it warrants, even though threats and risks are growing. A workshop at the 2014 HIMSS Conference in Orlando will shine a light on the critical issues.

See Also: Buyers Guide: Third-Party Cyber Risk Management

The all-day workshop, "Medical Device Security Risks and Challenges: A Multidisciplinary Response," will be held on Sunday, Feb. 23, before the main HIMSS14 conference begins on Monday, Feb. 24.

The workshop will provide health data privacy and security professionals, as well as those responsible for biomedical systems, with an overview of important "technical, clinical and public health issues related to medical device security vulnerabilities and potential patient safety and privacy impact," according to the conference guide.

"Medical device security is now recognized as a major public health problem at the patient, enterprise, and community level - it is a threat to our national health critical infrastructure," the guide notes.

The symposium will offer expert insights on advancing medical device security to mitigate patient safety and privacy risks. It will feature an overview of recent actions taken by the Food and Drug Administration, the National Institute of Standards and Technology, Department of Homeland Security and the Federal Communications Commission.

Learning objectives include:

  • Defining medical device security risks and mitigation best practices from an engineering, clinical, and public health perspective;
  • Comparing and contrasting industrial control systems and medical devices and illustrating the leveraging of ICS security principles to advance medical device security and safety;
  • Describing a market-driven approach to the development and adoption of medical device security best practices; and
  • Demonstrating the efficacy of collaborative efforts for addressing challenges presented by medical device security vulnerabilities.

Speakers Slated

Among the speakers at the workshop is Bakul Patel, senior policy adviser to the director of the Center for Devices and Radiological Health at the FDA, who was named a 2014 Top Health InfoSec Influencer by Information Security Media Group in recognition of his role at the FDA in crafting regulations and guidance related to medical device security.

Other government-related speakers include Kevin Stine, information security specialist at NIST; and Suzanne Schwartz, director of emergency preparedness operations and medical countermeasures at the FDA. George Mills, director of the department of engineering at The Joint Commission, an accrediting body, also will participate.

Speakers from academia include Kevin Fu, associate professor at the University of Michigan, and Ryan Kastner, professor at the University of California, San Diego.

Among workshop speakers from the front lines of security at healthcare provider organizations are Ron Mehring, CISO at Texas Health Resources and Rick Hampton, wireless communications manager at Partners HealthCare System in Boston.

Timely Topic

The workshop's focus on security issues involving medical devices is especially timely considering demonstrations by ethical hackers showcasing the cybersecurity vulnerabilities of the devices.

In addition, a new study finds many endpoints in the healthcare sector, including medical devices, are being hacked because of inadequate security, (see: Study: Endpoint Vulnerabilities Common).

"Medical devices have been a hot topic for the hacking community lately and pose a significant risk," says David Kennedy, founder and principal at security consulting firm TrustedSec LLC.

In addition to the medical device security workshop, HIMSS14 will also offer an array of other health data privacy and security educational content and seminars (see: Privacy, Security in Spotlight at HIMSS.)

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site, and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.