The so-called “Internet of things” (IoT) has been an oft-used phrase in media reports and stories over the past several years. For readers of our New York health care blog at Daniels, Porco & Lusardi, LLP, who might not know much about that concept, it quite simply refers to a device that can be connected to the Internet.
The possibilities are seemingly endless these days, ranging from toys to toasters.
In the medical realm, medical devices of all sorts (spanning hospital stand-alone diagnostic tools to human implants) are especially linked with the IoT.
And industry principals are reportedly finding that a progressively scary proposition.
Here’s why: Things like pacemakers and computerized med dispensers are susceptible to hacking. Scenarios of cybercriminals penetrating internal medical device software programs and processes in order to garner ransom payments or engage in other wrongdoing are all too real these days, with real-life incidents escalating.
Industry insiders are clearly concerned by the threat.
In fact, many of them say that device-connected risks pose the largest cybersecurity risk operative in the health care realm.
And there is no question that they know of what they speak, based on the responses of some 370 industry professionals who recently participated in a survey on IoT-connected medical devices. As noted in a media report discussing survey findings, fully one-third-plus of those respondents say that their company “experienced a cybersecurity incident in the past year.”
And here’s something manifestly troubling: A further 27% of those individuals admitted to flatly not knowing one way or the other whether their organization was compromised by cybersecurity intrusions.
Obviously, IoT-connected device security is a major concern within the medical industry, and it is progressively growing.