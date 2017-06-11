US Government Task Force Urges Cash Incentives For Ditching Insecure Medical Devices (securityledger.com) 27
chicksdaddy shares this report from The Security Ledger: The healthcare sector in the U.S. is in critical condition and in dire need of an overhaul to address widespread and systemic information security weakness that puts patient privacy and even safety at risk, a Congressional Task Force has concluded... On the controversial issue of medical device security, the report suggests that the Federal government and industry might use incentives akin to the "cash for clunkers" car buyback program to encourage healthcare organizations to jettison insecure, legacy medical equipment...
The report released to members of both the U.S. Senate and House of Representatives on Friday concludes that the U.S. healthcare system is plagued by weaknesses, from the leadership and governance of information security within healthcare organizations, to the security of medical devices and medical laboratories to hiring and user awareness. Many of the risks directly affect patient safety, the group found. It comes amid growing threats to healthcare organizations, including a ransomware outbreak that affected scores of hospitals in the United Kingdom.
Joshua Corman, the Director of the Cyber Statecraft Initiative at The Atlantic Council, argues that currently "Healthcare is target rich and resource poor," adding a special warning about the heavy usage of internet-connected healthcare equipment. "If you can't afford to protect it, you can't afford to connect it."
Of course, the lengthy and expensive cert process
.. . . makes even PATCHING existing gear for security holes an extended and tedious process.
Consider, my eldest daughter was working as a ward admin, IT relied on her for backup, because for an entire 445 bed hospital. . . was two junior techs. The password on everything EXCEPT the email and timecard system. .
.was "password".
And, of course, that didn't even include the systems you could physically exploit. . . like a "Pyxis" supply dispenser. The tool needed to "hack" it. . . is a flat-head screwdriver. . .
We could just hire more people
Once again, this is a problem that could be solved but we'll be damned if we're gonna do it because nobody wants to pay for it. He'll, when you suggest they d
That's surprising - Pyxis machines are frequently used to dispense Schedule II drugs.
Maybe they changed out the stock screws
... one can hope.
Resource poor? BS
Resource poor? When I have to pay over $300 for a simple doctor appointment, or over $600 for an appointment with a specialist?
No, there are plenty of resources. It's the priorities that are the problem.
You can thank our healthcare system for that
This is what happens when you let middle men run your healthcare system.
Isn't that what I said? "priorities".
Poor healthcare companies
US healthcare is more expensive than anywhere in the world. Profits of healthcare companies are higher in the US than anywhere. There are no limits to what they charge.
Now they are saying they can't afford to fix the crap they've been foisting on the public?
Crocodile tears...
Buyback?
Why should these highly profitable corporations receive public money to do the right thing to protect themselves and the patients? If they won't do it voluntarily, the law should make them.
More Information, Please
Where can I find out which of the local hospitals and surgical suites uses up-to-date secure stuff and which ones don't give a damn?
Because I will vote with my wallet.