With 68 percent of medical devices projected to be connected devices by 2025, medical device security is a top concern for health system chief information security officers. Trimedx, a provider of clinical engineering, medical device cybersecurity, and clinical asset management solutions, is working with Indiana University Health to develop a cybersecurity lab to test medical device security and reduce device security threats as part of the product development process.
Indianapolis-based Trimedx said combining its technology with the Medical Device Security Lab at IU Health brings new opportunities for healthcare professionals and the cybersecurity industry, and the company adds that it hopes to extend the research to others over time.
“The increase in threats and vulnerabilities is exactly why this collaboration is so important,” says Nick Sturgeon, executive director of information security at Indiana University Health, in a statement. “The collaboration will allow us to be at the forefront of innovation and to continue to protect the health and security of patients.”
The Medical Device Security Lab allows for the testing of the healthcare system’s medical devices for vulnerabilities and interoperability. “Mitigating cybersecurity threats is vital to protecting patient safety and data,” added Sturgeon. “The cutting-edge device testing lab enhances the ability to remediate vulnerabilities before equipment reaches the patient floor.”
The lab will perform enterprise security testing on medical equipment in an environment that poses no risk to patients. It also will enhance Trimedx’s approach toward medical device cybersecurity and innovation in the industry with three main objectives:
● Testing of net-new devices in advance of them being implemented in the hospital.
● Testing of configurations and security setups to discover what services need to be turned on and what ports need to be available on the network.
● Active scanning of equipment specific to security testing with no live network or risk of patient impact.
“We expect that this Medical Device Security Lab will pave the way in creating a space for devices to be tested before usage and begin to flag common security issues prior to the implementation of the devices in a healthcare setting,” says Doug Folsom, Trimedx chief technology officer and president of cybersecurity, in a statement. “The intent is to see an overall decrease in device security threats and eventually make this research open and available to many more organizations.”
