Events of last August -- when three widespread infestations of computer worms attacked Windows-based systems -- illustrated the vulnerabilities of many medical applications, including PACS. The pressing need for software patches was also revealed. Yet
Events of last August - when three widespread infestations of computer worms attacked Windows-based systems - illustrated the vulnerabilities of many medical applications, including PACS.
The pressing need for software patches was also revealed. Yet no clear policy addresses medical device software patch management, according to a scientific paper presented at the SCAR annual meeting.
"The application of software patches on medical devices requires a risk assessment to balance network risk verses the medical/legal risk of altering an FDA-regulated medical device," said Michael A. Nielsen, a clinical engineer with the U.S. Air Force's Medical Logistics Office.
Lack of directive policy on how security vulnerabilities associated with software fixes must be handled and what security standards apply to medical device OEMs creates further confusion and risk, Nielsen said.
Complexities associated with networked environments, current world events, and the OEM shift to Windows-based systems further exacerbate the problem, he said.
Neilsen appeared at SCAR to sound the alarm and raise awareness. He said the healthcare technology community must work with both OEMs and the FDA to develop a working model for software maintenance and validation.
Ideally, as vulnerabilities and advisories are released, OEMs would implement a process to immediately initiate an assessment of alerts from watchdog bodies such as the Computer Emergency Response Team.
Once a patch is validated, the OEM would have a global mechanism, such as a secure Web site, for customer downloads, Nielsen said.
"Failure to recognize the need for vulnerability assessments and security patch response on medical devices platforms as part of the overall device life cycle puts the healthcare community at undue risk for catastrophic failure," he said.
A culture paradigm shift must occur, according to Nielsen.
European Society of Breast Imaging Issues Updated Breast Cancer Screening Recommendations
April 24th 2024One of the recommendations from the European Society of Breast Imaging (EUSOBI) is annual breast MRI exams starting at 25 years of age for women deemed to be at high risk for breast cancer.
Study Reveals Benefits of Photon-Counting CT for Assessing Acute Pulmonary Embolism
April 23rd 2024In comparison to energy-integrating detector CT for the workup of suspected acute pulmonary embolism, the use of photon-counting detector CT reduced radiation dosing by 48 percent, according to newly published research.
Could a Newly FDA-Cleared C-Arm Device Bolster Efficiency for Interventional Radiologists?
April 22nd 2024In addition to advanced imaging quality and dose efficiency, the Philips Zenition 30 mobile C-arm device emphasizes personalized user profiles and automated customization to help reduce procedure time.