Medical devices riddled with security vulnerabilities

by Carol Ko, Staff Writer | June 20, 2013

KF: I hope that doesn't come to pass. It's pretty clear to me we're a nation of homes and we don't have locks on our doors, but so far there hasn't been any problem. But you know what? If you leave your house unlocked, eventually there's going to be a problem, so we should think about how to reduce the chance that our doors are going to be opened.

DMBN: Are there certain devices that are more vulnerable than others to hacking?

KF: The good news is that higher consequence devices seem to have better security. So for instance, in the implantable device community, many companies have some of the better engineering practices for security because they're so high consequence.

On the other hand, while devices like MRI machines, mammography, and other radiological imaging may be lower consequence, in my experience they also tend to be more vulnerable because they tend to be running commercial, off-the-shelf software like Windows XP — software that has accumulated ten years of security flaws that have not been patched.

DMBN: So you'd say imaging equipment is particularly vulnerable?

KF: It varies. It depends on how good they are at keeping their software up to date with known vulnerabilities, so it really depends on their patching strategy. But patching alone is not good enough.

I would say we're in the very early stages of developing protections. In IT systems that have better security they're worrying about something called a zero day worm — that's when you have zero warning before a vulnerability becomes exploited. In other words, even patching won't help. There are already instances of this in general purpose computing.

But right now in the medical community, we're not even in that stage — we're still worrying about whether we get a patch out in ten years. The medical community has a long way to go before it can consider itself up to consumer-grade security.

DMBN: Do you think the FDA guidelines are effective?

KF: Let me first state what they do best. They do a good job of highlighting key items such as hazard analysis and traceability matrices — techniques to identify risks and make sure you have a mechanism to mitigate the risks.

On the other hand, one of the problems with the draft is, it's not totally clear some of their suggestions will lead to better outcomes. For example, hidden passwords. We all know what happens when we're told to change our passwords once a year — we put it on a sticky note and put it in our desk drawer.

So I don't think having hidden passwords is going to be an effective strategy. But the general guidance for better security at the design stage of the device is going to produce a meaningful difference in the safety of these devices.
