Cybersecurity bill for medical devices proposed to US House of Representatives

por John R. Fischer, Senior Reporter | October 07, 2017
Cyber Security Health IT Medical Devices
If made law, the bill would set up
a public-private stakeholder partnership to
protect medical devices from
Representatives Dave Trott and Susan Brooks have introduced a new bill to the US House of Representatives for ensuring the protection of medical devices from cyberattacks.

The Internet of Medical Things Resilience Partnership Act proposes the establishment of a public-private stakeholder partnership to form a set of guidelines for preventing cyberattackers from accessing medical devices to retrieve and exploit the health care information of Americans.

“Bad actors are not only looking to access sensitive information, but they are also trying to manipulate device functionality,” said Representative Brooks in a statement. “This can lead to life-threatening cyberattacks on devices ranging from monitors and infusion pumps to ventilators and radiological technologies. As the number of connected medical devices continues to grow, so does the urgency to establish guidelines for how to prevent these kinds of dangerous attacks.”
DOTmed text ad

Reveal Mobi Pro now available for sale in the US

Reveal Mobi Pro integrates the Reveal 35C detector with SpectralDR technology into a modern mobile X-ray solution. Mobi Pro allows for simultaneous acquisition of conventional & dual-energy images with a single exposure. Contact us for a demo at no cost.

Cyber attacks have compromised health care information for more than 127 million Americans since 2009.

The bill would bring together representatives from groups, such as the FDA and the National Institute of Standards and Technology (NIST), as well as academia and the medical device industry to collect and centralize cybersecurity guidelines and standards.

They would also be tasked with identifying and determining solutions for high-priority gaps in current protocols, and creating a framework as a point of reference for Internet of Medical Things (IoMT) developers.

“Management of potential cybersecurity threats is a shared responsibility among all stakeholders, including manufacturers, hospitals, health care professionals, patients, regulators and IT developers,” Zach Rothstein, associate vice president of technology and regulatory affairs at the Advanced Medical Technology Association (AdvaMed), told HCB News. “Having stakeholders work together on these important issues will continue to build on the collaborative work that has already been accomplished."

Neither Trott nor Brooks were available for comment.

EDIT: An earlier version of this article incorrectly stated the legislation had been passed by the House when in fact it had only been introduced. We regret the error and have modified the story for accuracy.

You Must Be Logged In To Post A Comment