Federal authorities from the National Institute of Standards and Technology consider the infusion pump a critical cybersecurity vulnerability for hospitals, according to a report in the Star Tribune.
Though no infusion pumps have been hacked yet, they are a possible entry point for hackers to access patient identification and billing data. Hackers could write malware to compromise the pumps, then use the pumps as a vector to plant malicious code in the hospital's central system and cause it to send confidential information to external networks, according to the report.
NIST is working to develop guidelines for preventing cyberattacks on medical devices and plans to publish recommendations this fall, according to the report.
The FDA held its first cybersecurity conference for medical devices last October and shortly after, Homeland Security officials announced investigations into about 24 cybersecurity vulnerabilities in medical devices, according to the report. One case includes an infusion pump from Hospira, a Lake Forest, Ill.-based medical device supplier. Hospira declined to comment.
More articles on health IT:
Sentara launches retail site for OTC products
4 key elements to a great telemedicine system
CIO Kumar Chatani: Excellence in system integration