Today cyber attacks are more common than we think and system hijacking or ransomware is a sensitive issue that institutions, companies, and especially hospitals have put on the table to take urgent cybersecurity measures.
It has been shown that the issue of cybersecurity is growing stronger and that it is now easier to protect personal use devices connected to the internet in order to protect our sensitive personal data. For health institutions, the real issue of cybersecurity focuses on patient information and the protection of the medical equipment network, cyber attackers always look for the vulnerability of the equipment to access the network, block access to their use and all the information that is stored in the equipment to then ask for a reward in exchange for the release, this delicate information is the key to keeping the patient safe and, without that information, patients are at risk.
According to Security Boulevard, at least one in five Americans was a victim of cyberattacks in their health care last year and are worried that ransomware make the movement again and affect their care, also a third of the persons who were interviewed are thinking to switch providers.
If you want to protect your medical equipment network from ransomware, the first step to take is to have a good management system with an extended inventory of the pieces of equipment that includes equipment digital persona, data security fields (Bluetooth, USB interfaces and ePHI) and, a model control profile. By having a centralized management system, you will be able to monitor the technology that are vulnerable to this type of situation, identify the constant failures, administrate the maintenance cycle, and which equipments are affected before, during, and after a cyber attack.
Call the manufacturer: medical equipment needs patches every certain time and unlike a computer, they do not automatically download and install, so you need to ask your provider for the patches available for your equipment, this is a really hard task for the Clinical Engineering department since in a hospital there can be thousands of equipments and not all will be of the same brand or manufacturer but with the last update of “right to repair” law, clinical engineers will be able soon to get the patches from the manufacturers and install them themselves with a faster response time, the only little obstacle will be the OEM since all installations, patches, and other endpoint security solutions for medical technology need to have validation by they first.
TI department and CE department need to make a good team evaluating constantly all the medical technology and prevent every vulnerability they will found on medical equipment, update all the patches available and management maintenance cycles, protect leaks of ePHI data and always keep an eye on the alerts and in this way hackers will have no opportunity to attack the network or at least it will not be easy.
Our CMMS MediMizer has integration with ASIMILY, a smart solution for the IoMT risk management where you can correlate the data based on several parameters to enrich inventory, initiate automatic remediation of vulnerabilities detected, and plan activities.
" ... Including about 100,000 annually at a cost of $30B in North America alone. ... Inadequate hand hygiene remains a frequent and modifiable contributing factor, as established from hospital outbreaks of methicillin-resistant Staphylococcus aureus, vancomycin-resistant Enterococcus, and other hospital-acquired infections. ... ... A classical study, for example, found that physicians had about half the rate of compliance when compared with nurses (30% vs 52%, p<0.001). ... Here, we explore a different account for why the problem might not be solved by changing the personalities or motivations of physicians. Specifically, we suggest that the circumstances surrounding physicians in hospitals are rife with behavioral factors conducive to failures of hand hygiene."
Why even good physicians do not wash their hands.
Jon Stewart interviewed Atul Gawande on this book "Being Mortal". Gawande reports that a group of cancer patients choosing palliative care at end of life lived 25% longer than those choosing more severe medical care. The study was of stage 4 lung cancer patients. The discussion of end-of-life tradeoffs started with the statement that 17% of people die at home and most die in other institutions. There was some mention of his previous book, "Checklist Manifesto" which sounds like a book we need to pick up. The importance of planning medical checklists can be and will be followed is important.
In the United States alone, hospital borne illnesses reach to more than 1.7 million and 99,000 of them die every year. In Europe, nosocomial infections result to 2/3 of their 25,000 annual deaths. Severe nosocomial illnesses vary from bloodstream infections, UTI and pneumonia. And since many of their causative bacteria are antibiotic resistant like the gram-negative types, they can be hard to manage. However, it is interesting to note that 1/3 of hospital borne diseases can be prevented.