The Medical Imaging & Technology Alliance (MITA) published NEMA/MITA HN 1-2019, Manufacturer Disclosure Statement for Medical Device Security (MDS2), a voluntary standard that supports security risk management within healthcare delivery organizations by providing standardized information on security control features integrated within medical devices.
Development of the standard was led by MITA in conjunction with a diverse group of interested parties. It includes a form intended to provide healthcare delivery organizations with crucial information and security control features within medical devices. It also clarifies the roles of manufacturers and healthcare delivery organizations in ensuring secure medical devices.
The shared responsibility recognized by this standard aligns with the position of the U.S. Food and Drug Administration, which released a preparedness and response playbook to help organizations address threats to medical device cybersecurity.
Cybersecurity vulnerabilities
The U.S. Food and Drug Administration (FDA) is warning about vulnerabilities that may introduce risks for certain medical devices and hospital networks. A security firm has identified 11 vulnerabilities, URGENT/11, that may allow anyone to remotely control a medical device, change its function, interrupt service, or cause information leaks or logical flaws.
These vulnerabilities exist in IPnet, a third-party software component supporting network communications between computers. Though the IPnet software may no longer be supported by the original software vendor, some manufacturers have a license that allows them to continue to use it without support. Therefore, the software may be incorporated into other software applications, equipment, and systems which used current medical and industrial devices.
Medical device manufacturers are actively assessing which devices using these operating systems are affected, identifying risk and remediation actions. FDA officials expect additional medical devices will be identified.
Explore the November 2019 Issue
Check out more from this issue and find your next story to read.
Latest from Today's Medical Developments
- Robot watched surgery videos then performed with skill of human doctor
- Master Bond’s EP21LSCL-2Med two component non-cytotoxic epoxy
- IMTS 2024 Booth Tour: Tornos Technologies
- A Primer on Defense Contract Manufacturing
- September 2024 USMTO orders up from August 2024; up from September 2023
- Sandvik Coromant's automatic tool change (ATC) for turning centers
- IMTS 2024 Booth Tour: Vollmer
- Supply chain vulnerabilities amid rising cyberattacks
