Events of last August -- when three widespread infestations of computer worms attacked Windows-based systems -- illustrated the vulnerabilities of many medical applications, including PACS. The pressing need for software patches was also revealed. Yet
Events of last August - when three widespread infestations of computer worms attacked Windows-based systems - illustrated the vulnerabilities of many medical applications, including PACS.
The pressing need for software patches was also revealed. Yet no clear policy addresses medical device software patch management, according to a scientific paper presented at the SCAR annual meeting.
"The application of software patches on medical devices requires a risk assessment to balance network risk verses the medical/legal risk of altering an FDA-regulated medical device," said Michael A. Nielsen, a clinical engineer with the U.S. Air Force's Medical Logistics Office.
Lack of directive policy on how security vulnerabilities associated with software fixes must be handled and what security standards apply to medical device OEMs creates further confusion and risk, Nielsen said.
Complexities associated with networked environments, current world events, and the OEM shift to Windows-based systems further exacerbate the problem, he said.
Neilsen appeared at SCAR to sound the alarm and raise awareness. He said the healthcare technology community must work with both OEMs and the FDA to develop a working model for software maintenance and validation.
Ideally, as vulnerabilities and advisories are released, OEMs would implement a process to immediately initiate an assessment of alerts from watchdog bodies such as the Computer Emergency Response Team.
Once a patch is validated, the OEM would have a global mechanism, such as a secure Web site, for customer downloads, Nielsen said.
"Failure to recognize the need for vulnerability assessments and security patch response on medical devices platforms as part of the overall device life cycle puts the healthcare community at undue risk for catastrophic failure," he said.
A culture paradigm shift must occur, according to Nielsen.
Four Strategies to Address the Tipping Point in Radiology
January 17th 2025In order to flip the script on the impact of the radiology workforce shortage, radiology groups and practices need to make sound investments in technologies and leverage partnerships to mitigate gaps in coverage and maximize workflow efficiencies.
Can Generative AI Facilitate Simulated Contrast Enhancement for Prostate MRI?
January 14th 2025Deep learning synthesis of contrast-enhanced MRI from non-contrast prostate MRI sequences provided an average multiscale structural similarity index of 70 percent with actual contrast-enhanced prostate MRI in external validation testing from newly published research.
Can MRI-Based AI Enhance Risk Stratification in Prostate Cancer?
January 13th 2025Employing baseline MRI and clinical data, an emerging deep learning model was 32 percent more likely to predict the progression of low-risk prostate cancer (PCa) to clinically significant prostate cancer (csPCa), according to new research.