HiMMS Asia Pacific - February Digest: Managing the Hazards of Health IT


If you cannot view this properly, kindly click here.


This month, it’s all about...

Managing the Hazards of Health IT

ECRI Institute publishes an annual report on the Top 10 Technology Hazards. HIMSS Asia Pacific’s Melissa Leong asks more questions about the 2017 list to Mr. Eric Woo, Regional Director, ECRI Asia Pacific. Which hazards should be prioritized? Which current technology type helps to prevent hazards most? Which futuristic technology will eliminate hazards? And more. Read here >>



This featured piece is based on ECRI's executive brief outlining the top 10 hazards. The full report (UP: 285 USD) provides guidance on managing each hazard. HIMSS Asia Pacific members can purchase the full report at 100 USD - offer valid through this year! More info can be found in the article.






Web-connected medical devices are great. Unless...


There are many benefits to having internet-connectedness and one such benefit is the ability to provide remote control to implanted medical devices such as pacemakers - adjusting these devices through the Internet of Things can avoid additional surgeries or other procedures that carry the risk of infection.

But remote control of such a sensitive piece of equipment can be a detriment. Anything connected to the Internet potentially is at risk of hacking — and when the device being hacked is a medical device, the risk could be fatal.


In view of these risks, United States Food and Drug Administration (FDA) drafted guidelines for building enhanced cybersecurity into the design and development of Internet connected medical devices. Recently the FDA released new recommendations that deal with maintaining the cybersecurity of medical devices after the devices have entered the marketplace.

Meanwhile, what can users do to protect themselves? Find out what information is stored on your device and how it is accessed. Also find out from the manufacturer what steps are they taking to protect your device from being hacked. If your device uses an open WiFi connection, you should change it to operate exclusively on a home network with a secured WiFi router. If your device is capable of transmitting data, make sure that the transmissions are encrypted.



Hacking Risks in Medical Devices


A well-known medical device manufacturer had recently warned its insulin pump user about security issues that could allow hackers to deliver unauthorized doses of insulin.

The vulnerabilities were discovered by Jay Radcliffe, a security researcher at Rapid7 who is a Type I diabetic and user of said pump. The flaws primarily stem from a lack of encryption in the communication between the device's two parts: the insulin pump itself and the meter-remote that monitors blood sugar levels and remotely tells the pump how much insulin to administer.


The pump and the meter use a proprietary wireless management protocol through radio frequency communications that are not encrypted. This exposes the system to several attacks.

Passive attackers can snoop on the traffic and read the blood glucose results and insulin dosage data. Then, they can trivially spoof the meter to the pump because the key used to pair the two devices is transmitted in clear text.

"This vulnerability can be used to remotely dispense insulin and potentially cause the patient to have a hypoglycemic reaction."




Another Hacking Risk discovered in Medical Heart Devices


IT security consulting firm Bishop Fox conducted a research on a specific Medical Heart Device from one of the world’s biggest maker of implantable cardiac devices and results showed that the cardiac devices had "serious security vulnerabilities" that could allow attackers to disable the devices or deliver electric shocks to patients.

The vulnerabilities included flaws in the encryption of the radio frequency protocol used by the developer as well as a backdoor to the devices that Bishop Fox said was "relatively easy to discover."


The report said the wireless communications in the cardiac devices are vulnerable to hacking, making it possible for hackers to convert the patient monitoring devices into "weapons" that can cause cardiac implants to stop providing care and deliver shocks to patients.

Bishop Fox said it conducted successful test attacks from 10 feet (3 meters) away, but that the range might be extended to as far as 100 feet (30 meters) with an antenna and a specialized device known as a software defined radio.

With the security flaws leave the life-saving devices vulnerable to attacks that could wipe out them out, cause them to malfunction or drain their batteries.








Internet of Things – Click here to kill everyone >

UK National Health Trust Hacked >

5 Predictions for Health Tech and Services >

CISO Discusses Security Challenges for Medical Devices >

Patients at Risk from Hospital Devices >

Brain Implant Technology Made Practical >







Catch our next Webinars in March.

Thought Leadership Webinar: Safety in the Digital Health Era


Speaker: Dr. Farah Magrabi, Associate Professor, Centre for Health Informatics, Australian Institute for Health Innovation, Macquarie University, Australia

Date: 3 March 2017, Friday

Time: 8am – 9am (Singapore)

Click here for information >

Industry Expert Webinar: Overcoming Healthcare Scheduling Nightmares


Speaker: Mr. Sriram Guruviah, Advisor, Sales Solutions (Healthcare), Asia, Middle East & Africa, CSC

Date: 9 March 2017, Friday

Time: 11am – 12am (Singapore)

Click here for information >








Curing Healthcare Systems in Developing Countries

The way healthcare is being delivered is broken in many countries. We don’t need new drugs or vaccines. We need to first cure the health care systems that deliver them.

Ellen van de Poel brings a different view to health insurance, health care delivery, and health systems because of her research on the financing

of health and health care in developing countries. Her insights could impact how we all use and pay for health care. She is the director of the Rotterdam Global Health Initiative and an associate professor of Health Economics at the Institute of Health Policy and Management at the Erasmus University, Rotterdam.








You have received this email because you are opted-in to receive information about HIMSS Asia Pacific membership and events. Want to control your email from HIMSS? Unsubscribe from emails.

If you have any questions or problems please contact us at techsupport@himss.org. HIMSS Asia Pacific, 3 Killiney Road, #04-04 Winsland House 1, Singapore 239519 Tel: (65) 6664 1100 Fax: (65) 6836 7728


No Very
Captcha Image