What if criminals could hack your pacemaker? As medical devices become more advanced and more connected to the internet — it’s a frightening possibility.
The FDA and Department of Homeland Security say they’re preparing for the worst and want to make sure patients and their devices are secure.
“Any connected medical device has the potential for cyber threats to occur ,” says Suzanne Schwartz, an FDA cybersecurity expert.
She says implantable devices that send information to doctors, patients and healthcare providers, such as pacemakers, defibrillators, and insulin pumps could be at risk.
There are also concerns hackers could target machines like MRIs, CT scans and ventilators.
That’s why the FDA and DHS have announced an expanded partnership to make sure medical devices are as secure as possible.
The FDA says the two agencies will now be able to share more information to stay ahead of constantly evolving cybersecurity threats.
Schwartz says, “We have all of us a lot more work to do to become better prepared. This a journey.”
AdvaMed, an industry trade group, says device-makers are now required to put cyber protections in pace as they design devices and that they’re also working closely with agencies like the FDA.
“We are building information sharing platforms. That’s really the key here, is that cybersecurity is a shared responsibility,” says Zach Rothstein, who’s with AdvaMed.
The FDA has also enlisted so-called “white hat” hackers to help identify cyber weaknesses.
Schwartz says hackers have attacked hospitals and healthcare systems — but so far, there have been no known attacks that impacted patients’ health.
The FDA recently developed a cyber security “playbook” for hospitals and healthcare systems. The agency wants hospitals to put protections in place, do exercises and have response plans ready should a cyber attack occur.