Despite Risks, Hospitals Connecting A Growing Number Of Medical Devices

Posted on July 20, 2018 I Written By

Anne Zieger is veteran healthcare branding and communications expert with more than 25 years of industry experience. and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also worked extensively healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or www.ziegerhealthcare.com.

Over the past few years, hospitals have gotten closer and closer to connecting all of their medical devices to the Internet — and more importantly, connecting them to each other and to critical health IT systems.

According to a new study by research firm Frost & Sullivan, most hospitals are working to foster interoperability between medical devices and EHRs. By doing so, they can gather, analyze and present data important to care in a more sophisticated way.

“Hospitals are developing connectivity strategies based on early warning scores, automated electronic charting, emergency alert and response, virtual intensive care units, medical device asset management and real-time location solutions,” Frost analysts said in a prepared statement.

Connecting medical devices to other hospital infrastructure has become so important to the future of healthcare that the FDA has taken notice. The agency recently issued guidance on how healthcare organizations can foster interoperability between the devices and other information systems.

Of course, while hospitals would like to see medical devices chat with their EHRs and other health IT systems, it’s just one of many important goals hospitals have for data collection and analysis. Health IT executives are up to the eyebrows supporting big data transformation, predictive analytics and ongoing EHR management, not to mention trying out soon-to-be standard technologies such as blockchain.

More importantly, few medical devices are as secure as they should be. While the average hospital room contains 15 to 20 connected devices, many of them are frighteningly vulnerable. Some of them are still running on obsolete operating systems, many of which haven’t been patched in years, or roughly 1,000 years in IT time. Other systems have embedded passwords in their code, which is one heck of a problem.

While the press plays up the possibility of a hacker stopping someone’s connected pacemaker, the reality is that an EHR hack using a hacked medical device is far more likely. When these devices are vulnerable to outside attacks, attackers are far more likely to tunnel into EHRs and steal patient health data. After all, while playing with a pacemaker might be satisfying to really mean people, thieves can get really good money for patient records on the dark web.

All this being said, connected medical devices are likely to become a key part of hospital IT infrastructure in hospitals over time as the industry solves these problems, Frost predicts that the global market for such devices will climb from $233 million to almost $1 billion by 2022.

It looks like hospital IT executives will have some hard choices to make here. Ignoring the benefits of connecting all medical devices with other data sources just won’t work, but creating thousands of security vulnerabilities isn’t wise either. Ultimately, hospital leaders must find a way to secure these devices ASAP without cratering their budget, and it won’t be easy.