New Bill to Tackle Medical Device Cybersecurity | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

New Bill to Tackle Medical Device Cybersecurity

October 9, 2017
by Rajiv Leventhal
| Reprints

New legislation from two Republican lawmakers looks to lay out a cybersecurity framework which protects sensitive healthcare information from cyber attacks.

U.S. Representatives Dave Trott (MI-11) and Susan Brooks (IN-05) introduced the Internet of Medical Things Resilience Partnership Act last week, with the aim to collect and centralize all existing, relevant cybersecurity standards, guidelines, frameworks, and best practices, identified the current high-priority gaps and problems, and pinpoints actionable solutions while providing a framework for IoMT (Internet of Medical Things) developers for which to reference.

In a statement, Rep. Brooks, said, “There are millions of medical devices susceptible to cyber attacks and often times, we are wearing these networked technologies or even have them imbedded in our bodies. Bad actors are not only looking to access sensitive information, but they are also trying to manipulate device functionality. This can lead to life-threatening cyber attacks on devices ranging from monitors and infusion pumps, to ventilators and radiological technologies.”

Brooks’ statement continued, “As the number of connected medical devices continue to grow, so does the urgency to establish guidelines for how to prevent these kinds of dangerous attacks. It is essential to provide a framework for companies and consumers to follow so we can ensure that the medical devices countless Americans rely on and systems that keep track of our health data are protected. I am proud to introduce a bill with my colleague Rep. Trott that brings together public and private sector counterparts to address potential vulnerabilities of medical technologies.”

Per the legislation, the Office of the national Coordinator for Health IT (ONC) would be part of a working group—established by the FDA (Food and Drug Administration) and NIST (National  Institute  of  Standards  and  Technology)—that would develop recommendations for voluntary frameworks and guidelines to increase the security and resilience of networked medical devices sold in the U.S. that store, receive, access, or transmit information to an external  recipient or system for which unauthorized  access, modification, misuse, or denial of use may result in patient harm.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Study will Leverage Connecticut HIE to Help Prevent Suicides

A new study will aim to leverage CTHealthLink, a physician-led health information exchange (HIE) in Connecticut, to help identify the factors leading to suicide and to ultimately help prevent those deaths.

Duke Health First to Achieve HIMSS Stage 7 Rating in Analytics

North Carolina-based Duke Health has become the first U.S. healthcare institution to be awarded the highest honor for analytic capabilities by HIMSS Analytics.

NIH Releases First Dataset from Adolescent Brain Development Study

The National Institutes of Health (NIH) announced the release of the first dataset from the Adolescent Brain Cognitive Development (ABCD) study, which will enable scientists to conduct research on the many factors that influence brain, cognitive, social, and emotional development.

Boston Children's Accelerates Data-Driven Approach to Clinical Research

In an effort to bring a more data-driven approach to clinical research, Boston Children’s Hospital has joined the TriNetX global health research network.

Paper Records, Films Most Common Type of Healthcare Data Breach, Study Finds

Despite the high level of hospital adoption of electronic health records and federal incentives to do so, paper and films were the most frequent location of breached data in hospitals, according to a recent study.

AHA Appoints Senior Advisor for Cybersecurity and Risk

The American Hospital Association (AHA) has announced that John Riggi has joined the association as senior advisor for cybersecurity and risk.