Cybersecurity and medical devices: A practical guide for cardiac electrophysiologists

Benjamin Ransford; Daniel B Kramer; Denis Foo Kune; Julio Auto de Medeiros; Chen Yan; Wenyuan Xu; Thomas Crawford; Kevin Fu

doi:10.1111/pace.13102

Cybersecurity and medical devices: A practical guide for cardiac electrophysiologists

Pacing Clin Electrophysiol. 2017 Aug;40(8):913-917. doi: 10.1111/pace.13102. Epub 2017 Jul 12.

Authors

Benjamin Ransford¹, Daniel B Kramer², Denis Foo Kune¹, Julio Auto de Medeiros³, Chen Yan⁴, Wenyuan Xu⁵, Thomas Crawford⁶, Kevin Fu^{1

7}

Affiliations

¹ Virta Laboratories, Inc., Ann Arbor, MI.
² Richard A. and Susan F. Smith Center for Outcomes Research in Cardiology, Division of Cardiology, Beth Israel Deaconess Medical Center, Boston, MA.
³ Office of Information Security, Mayo Clinic, Rochester, MN.
⁴ Zhejiang University, Hangzhou, China.
⁵ Department of Computer Science & Engineering, University of South Carolina, Columbia, SC.
⁶ Department of Internal Medicine, Frankel Cardiovascular Center, University of Michigan Health System, Ann Arbor, MI.
⁷ Department of Electrical Engineering and Computer Science, University of Michigan, Ann Arbor, MI.

Abstract

Medical devices increasingly depend on software. While this expands the ability of devices to perform key therapeutic and diagnostic functions, reliance on software inevitably causes exposure to hazards of security vulnerabilities. This article uses a recent high-profile case example to outline a proactive approach to security awareness that incorporates a scientific, risk-based analysis of security concerns that supports ongoing discussions with patients about their medical devices.

Keywords: implantable cardioverter-defibrillators; pacemakers.

Publication types

Review

MeSH terms

Cardiac Electrophysiology*
Computer Security*
Defibrillators, Implantable*
Electrophysiologic Techniques, Cardiac / instrumentation*
Humans
Pacemaker, Artificial*
Practice Guidelines as Topic

Grants and funding

K23 AG045963/AG/NIA NIH HHS/United States