Cybersecurity Vulnerability Tops 2018 Health Tech Hazards List

In its annual list of Health Technology Hazards, the ECRI Institute points to the risks posed by ransomware and cybercrime.

IDEA GO/FREEDIGITALPHOTOS.NET

Recent alarming incidents involving hacking, ransomware, and vulnerable medical devices have made it clear that cybersecurity needs to be a top priority in healthcare. The ECRI Institute is highlighting its importance, placing “Ransomware and Other Cybersecurity Threats to Healthcare Delivery Can Endanger Patients” as the top issue on its list of Top 10 Health Technology Hazards for 2018.

The issues are chosen by considering criteria including preventability, frequency, severity, and potential scope.

The ECRI Institute authors wrote in an executive brief, “In a healthcare environment, a malware attack can significantly impact care delivery by rendering health IT systems unusable, by preventing access to patient data and records, and by affecting the functionality of networked medical devices. Further, such attacks can disable third-party services, disrupt the supply chain for drugs and supplies, and affect building and infrastructure systems.” They added that this can disrupt patient care and harm patients.

Another issue on the 2018 list is endoscope reprocessing, a familiar topic from years past. Concerns about contaminated endoscopes made the 2017 list, topped the 2016 list, and was included in several prior years.

Here is the complete list of the Top 10 Health Technology Hazards for 2018:

  1. Ransomware and Other Cybersecurity Threats to Healthcare Delivery Can Endanger Patients
  2. Endoscope Reprocessing Failures Continue to Expose Patients to Infection Risk
  3. Mattresses and Covers May Be Infected by Body Fluids and Microbiological Contaminants
  4. Missed Alarms May Result from Inappropriately Configured Secondary Notification Devices and Systems
  5. Improper Cleaning May Cause Device Malfunctions, Equipment Failures, and Potential for Patient Injury
  6. Unholstered Electrosurgical Active Electrodes Can Lead to Patient Burns
  7. Inadequate Use of Digital Imaging Tools May Lead to Unnecessary Radiation Exposure
  8. Workarounds Can Negate the Safety Advantages of Bar-Coded Medication Administration Systems
  9. Flaws in Medical Device Networking Can Lead to Delayed or Inappropriate Care
  10. Slow Adoption of Safer Enteral Feeding Connectors Leaves Patients at Risk

For more, download the executive brief here.

500 characters remaining
It is an interesting list and the items are worthy of consideration, but the methodology is not exactly transparent, and a "universal" top ten may not be a local or a personal top ten--and neither may not be rational. However the list of factors to consider other than frequency and severity is interesting, although how they are rated or combined is not described. For another take on the latter issue see: https://www.mddionline.com/risk-analysis-beyond-probability-and-severity.