Cybersecurity experts, representing groups from NASA to academic medicine, have formed a committee targeting the small but potentially lethal threat in which a hacker takes control of a medical device, an act known by some as “medjacking.”
The Diabetes Technology Society (DTS) Cybersecurity Standard for Connected Diabetes Devices steering committee began meeting in July, hoping to determine any possible vulnerabilities in devices, and ways to prevent them from being hacked.
David Armstrong, M.D., a surgeon, committee member and professor of surgery at the University of Arizona, says change is happening at a rapid pace in the field, and those involved want to stay ahead of any possible breaches.
At the same time, members of the group want to make sure that any recommendations aren’t onerous enough to inhibit innovation, he adds.
“We are moving into a new era,” Armstrong says. “It’s breathtaking the speed at which these medical devices, consumer electronics, wearables and implantables are all merging.
“The goal for this group is to try to get out in front of some of the big problems that could completely frighten people off and stifle not only innovation on the R&D side, but quality of care,” he says.
The initial focus of the committee will be on diabetes-related devices, but committee members eventually hope to spread their knowledge to other parts of medicine.
With a few meetings under its belt, the committee was scheduled to discuss its initial findings at a meeting convened by the DTS in October in Bethesda, Md.
The group is expected to issue a final report by the middle of 2016, says David Klonoff, M.D., medical director of the Diabetes Research Institute at Mills-Peninsula Health Services and chairman of the committee.
Until then, Klonoff advises hospitals to investigate their current security practices for connected devices, patch up any vulnerabilities and look to purchase future devices based on their adherence to security standards.
