The FDA recently released a Safety Communication on Cybersecurity, recommending that "medical device manufacturing and healthcare facilities take steps to assure that appropriate safeguards are in place to reduce the risk of failure due to cyber attack, which could be initiated by the introduction of malware into the medical equipment or unauthorized access to configuration settings in medical devices and hospital networks."
Michael McNeil writes about he additional need for privacy within manufacturing organizations, customers, and the security research community. In order for these relationships to be successful, it is necessary to have a clear process and common ground on how to manage data protection and privacy programs.
There must be clear communication from product development to the compliance team in order to keep up with the evolving landscape of security concerns, such as visual privacy, or the protection of patient information that is visible in hospital environments. It is crucial to be aware of the implications of revealing patient information and to ensure that where and how a product is used takes data protection into consideration. Further protection includes installing privacy filters and angling devices away from openly visible areas.