Medical Devices Group

  • Community
  • Webinars
  • Jobs
  • Events
  • Contact
  • Go Premium
« Back to Previous Page
Claude P. Bobin
President at T-MedRobotics, Adjunct MBA Professor at Benedictine University
November 2017
Will Cybersecurity kill Medical Device Innovation?
< 1 min reading time

source: https://www.linkedin.com/groups/78665/78665-6339193416852738052

Marked as spam
Posted by Claude P. Bobin
Asked on November 22, 2017 8:00 am
47 views
  • Follow
  • Unfollow
  • Report spam

Meet your next client here. Join our medical devices group community.

Private answer
No, it won't. But there will be a huge breach at some point. An investigation. A bankruptcy. Calls for tighter legislation. Software vendors swooping in for opportunity. What say you, Christopher Burgess, Rebecca Herold, and Shelby Kobes?
Marked as spam
  • Report spam
Private answer
Julie Omohundro How would it?
Marked as spam
  • Report spam
Private answer
Julie Omohundro What is the process by which cybersecurity could kill device innovation? I'm stumped.
Marked as spam
  • Report spam
Private answer
Kiran C Shetty Regarding innovation specific to software, here is a link to the new Guidance Document for a software change: https://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm514737.pdf
Marked as spam
  • Report spam
Private answer
Christopher Burgess Not at all .. device security will serve to differentiate between two equally fine devices, the one which has baked in their security from the beginning of the product creation will, imho, own the market.

The government patience in the face of the massive breaches of 2017 is begging for regulation, secure software and device firmware will be table stakes. Companies will want to embrace "secure software/firmware development life cycle" will be board-level requirements. Those who invest now, will be assured of a place at the table tomorrow.

Thanks for asking for my two cents Joe Hage, glad to assist any who need clarification on just what this entails -- it is a heavy lift no matter how you dice and slice it.

(PS: Happy Thanksgiving to you and your family)
Marked as spam
  • Report spam
Private answer
Michael Abrams This is an absurd question. It's just a matter of time before someone holds a Bluetooth-enabled insulin pump for ransom, and device innovation does not take a place above securing protected health information.
Marked as spam
  • Report spam
Private answer
Not sure how? UL2900 which addresses Cyber Security including Medical Devices if followed seems common sense isn't onerous if considered early.
Marked as spam
  • Report spam
Private answer
Roger Cepeda, JD, MBA, RAC Cybersecurity has been a design input and customer requirement for years. In radiology, the MDS2 standard includes IT security profiles for devices, and most hospitals are on top of this issue to ensure devices don't increase vulnerability (e.g., open ports, outdated OS kernels, etc). My prediction is that the scandals Joe refers to will not come from devices intended for use behind a hospital firewall. Rather, it will come from home use devices or mobile apps that control devices. And the FDA is definitely aware of that risk: https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm
Marked as spam
  • Report spam
Private answer
Osama Bannout We saw everywhere that machines took humans place but it will never work without humans nor will end their presence.
Marked as spam
  • Report spam
Private answer
Shelby Kobes I agree, developing a method that applies security from the start that also takes In account ROI and good justification on why some security is not done is very important. Try mixing SABSA, this is not just a coding issue, rather a complex business and engineering SDLC issue.
Marked as spam
  • Report spam
Private answer
No, can add encryption for wireless, but lack of reimbursement will kill it faster than anything....
Marked as spam
  • Report spam
Private answer
It is killing the adoption of the technology in any timeframe that is beneficial. We see this everyday in the Federal space many companies find it so difficult, time consuming and costly to meet the regulations and pass through all the hurdles they pass up the entire federal government market. There needs to be strict cyber security rules but there also needs to be a way to move through a process in a more productive a timely matter I see the government customers being deprived of tools that the civilian market has been urilizing for years because of this process. The answer may be to have cyber security professionals work with technology companies instead of in an adversarial role of just inspecting and rejecting. If we could have cyber security work in the development process with technology companies and during he testing process to help make the product more secure based on requirements
Marked as spam
  • Report spam
Private answer
Gary Neel. Good point. Especially as health care payment systems mostlt pay when something affirmatively happens (event seeking treatment) rather than preventionresulting in nothingaffirmative happening (population health or reimbursement for NO beach or NO attack) etc.
Marked as spam
  • Report spam
Private answer
Julie Omohundro Mark, the federal government's procurement processes are a separate topic. Pretty much anything is going to happen slowly with the feds. Cybersecurity doesn't stand out as an especially unique or high hurdle among a landscape of hurdles, IMO.
Marked as spam
  • Report spam
Private answer
Julie Omohundro Mark, it's unfortunate that cybersecurity has an adversarial role in some companies, but it does not have that role in many other companies. As Christopher Burgess notes above, this could provide an important competitive edge in a free market. In our sort-of free market, a lot may depend on the third-party payors.
Marked as spam
  • Report spam
Private answer
I think cyber security is further down the list of innovation prevention given the increased centralization of payers. Either a few insurers or a single payer (government) system would likely be the main impediment. The level of administrative costs and requirements make it difficult for a small, entrepreneurial company to make strides and insulates larger companies from competition. Regulatory requirements would likely be next.
Marked as spam
  • Report spam
Private answer
Naveen Agarwal, Ph.D. A thought provoking question! Cybersecurity now is an important aspect of risk management. Therefore, it becomes critical in the Development phase, not necessarily in the Discovery/Innovation phase. Also, I think that the next generation of "innovators" will intuitively understand the importance of cybersecurity especially when a breach in cybersecurity is likely to impact device performance and patient safety. I would love to see product designers addressing this risk appropriately during Design and Development.
Marked as spam
  • Report spam
Private answer
Julie Omohundro To key off of Shelby's comment, the innovation it will theoretically kill are digital products that don't have enough clinical/market value to justify the investment needed for cybersecurity. Theoretically, this will push investment toward products with greater clinical/market value.
Marked as spam
  • Report spam
« Back to Previous Page

Please log in to post questions.

  • Go to WP login page

Stay connected with us.

By signing up you are agreeing to our Privacy Policy.

Categories

  • Capital/Investment
    • Business Model
    • Funding
  • Careers
  • Design/Devel
    • Design
    • Development
    • Human Factors
    • Labeling
    • Material Selection
    • R&D
    • Trials and Post-Market
  • Featured
  • Industry
    • Announcements
    • Device Tax
    • Hospital and Health Care
    • Innovation
    • Medtech
  • LinkedIn, etc.
  • Markets
    • Africa
    • Americas
    • Asia
    • Australia
    • Europe
  • Regulating
    • CE Marking
    • EU
    • FDA
    • FDA/EU etc.
    • Notified Bodies
    • Quality
    • Regulatory
  • Selling
    • Distribution
    • Intellectual Property
    • Marketing/Sales
    • Reimbursement
  • Worth bookmarking!
Feature your job here.
logo

Companion to LinkedIn's 350,000 member community

  • Contact
  • Medical Device Marketing
  • In Memoriam
  • Medical Device Conference

The Medical Devices Group   |   Copyright © Terms, Conditions & Privacy

Medical Devices Group
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.