The House Committee on Energy and Commerce has pleaded with the HHS to move forward on all recommendations for medical device security proposed by the Healthcare Cybersecurity Task Force, seeking quick action to be taken to address existing dangers.
The Cybersecurity Act of 2015 obligated Congress to put together the Healthcare Cybersecurity Task Force to help identify and tackle the unique challenges faced by the healthcare sector when safeguarding data and protecting from cyberattacks.
While healthcare groups are increasing their investment in technologies to avoid cyberattacks, medical devices remain a significant weak point and could easily be targeted by cybercriminals to gain access to healthcare networks and private information.
The existence of insecure or outdated protocols and operating systems within medical technologies is a reality of modern medicine. At the same time, however, this leaves healthcare organizations vulnerable to increasingly sophisticated and rapidly evolving cyber threats," commented Walden.
Walden stated that the Cybersecurity Task Force Recommendations for Medical Device Security
has asked for a Bill of Materials as a possible solution to the problem. The Bill of Materials would be applicable to all medical technologies, which list all the components, software, hardware and protocols used, and any known danger associated with those components. Such a Bill of Materials would make it much simpler for healthcare groups to make security decisions, and mitigate risk when new weaknesses are discoverd.
Having a Bill of Materials for all technologies would not completely safeguard the healthcare sector, but Walden explains it is a "common sense step" to improving cybersecurity in the entire industry.
The HHS has been asked to initiate a sector-wide effort to formulate a plan for the creation and deployment of BOMs. Walden pleaded for a plan to be provided by the HHS before December 15, 2017.