The growing interoperability between medical devices and electronic medical records gives rise to new opportunities in the transmittal and collection of vital medical data. New vulnerabilities arise as well. Last month, the Internet Storm Center sponsored by SANS (SysAdmin, Audit, Network, Security Institute) warned that the Conflicker worm had infected approximately ten million internet devices including MRIs. SANS is a cooperative research and education organization that since 1989 has specialized in information security technology training and awareness.
The Conflicker worm attacks holes in Windows OS with advanced malware techniques. It is the largest worm infection since the SQL Slammer worm. Many of the infected devices were not designed for internet connectivity. The efficacy of the infection repair is complicated by a FDA regulation which limits the ability to issue an internet “patch” for 90 days, and apparent triumph of law over common sense in crisis with a unique and unanticipated need.
Companies like Microsoft, WalMart and Google that have significant investments in on-line personal health records and the Health 2.0 movement, as well as medical device manufacturers have been pursing the development of security standards for the interlink between the devices, the internet and on line medical data repositories.
The Continua Health Alliance is a non-profit organization supported by approximately 200 companies to develop industry security and interoperability standards to advance the personal telehealth industry. Continua President, David Whitlinger, describes Continua’s mission as the pursuit of “an ecosystem of personal health solutions,” while meeting the IEE 11073 standards for compatible electronic exchange of information between health devices and other destinations. IEEE 11073 is a framework of standards that addresses transport-independent application and information profiles between telehealth devices and monitors/managers.
Continua recently announced its adoption of the Vena platform developed by Cambridge Consultants for use in a hand held inhaler device used to monitor and measure oxygen saturation. The Vena platform has incorporated, for the first time, three essential standards in a single chip. They are the Blue Tooth Health Device Profile, the USB Personal Health Device Standard and of course the IEEE 11073 standards.
The development and distribution of appropriate security standards cannot come soon enough as the stories of internet hacker mischief mount, including the 10 million dollar ransom demand for the return of stolen medical records in Virginia and the hacker penetration of U.C. Berkeley health services data base announced last month. These evolving medical devices also carry the promise of providing broad patient health care information to collector or aggregator sites to monitor the efficiency of a particular therapy, to assist epidemiological data collection and other public health issues. (There will be more about this issue in a future post.) Effective security is not only desirable-it is essential. Security will likely become an important consideration in the FDA’s oversight during the 510k review process for new medical devices in the not distant future. See http://rdn-consulting.com/blog/2008/06/18/connecting-computers-to-fda-regulated-medical-devices/
The new FDA Medical Devices Data System final regulations are due out in the next few months. It remains to be seen how aggressive the FDA will be in its oversight of this area. In any event the rumor is that the basic pillars of the proposed rule will be adopted.
Here is a summary of what is a MDDS under the regulations. A medical device data system (MDDS) is a device intended to provide one or more of the following uses:
• The electronic transfer or exchange of medical device data from a medical device, without altering the function or parameters of any connected devices. For example, this would include software that interrogates a ventilator every 15 minutes and transfers information about patient CO2 levels to a central patient data repository;
• The electronic storage and retrieval of medical device data, without altering the function or parameters of connected devices. For example, this would include software that stores historical blood pressure information for later review by a healthcare provider;
• The electronic display of medical device data, without altering the function or parameters of connected devices. For example, this would include software that displays the previously stored electrocardiogram for a particular patient;
• The electronic conversion of medical device data from one format to another format in accordance with a preset specification. For example, this would include software that converts digital data generated by a pulse oximeter into a digital format that can be printed.
• Examples of medical device data systems that would be used in the home are systems that periodically collect data from glucose meters or blood pressure devices for later review by a healthcare provider.Medical device data consist of numerical or other information available from a medical device in a form suitable for processing by computer. Medical device data can represent many types of information (e.g., clinical values, alarm conditions, error messages). MDDS are not intended or designed to provide any real time, active, or online patient monitoring functions. Medical device data systems can deliver and store alarm data but do not have the capability to display, create, or detect alarm conditions, or to actually sound an alarm. In particular, a MDDS can record the fact that an alarm sounded, but cannot by itself sound an alarm in response to patient information. Medical device data systems cannot create alarms that are not already present from the connected medical devices. By themselves, MDDS do not provide any diagnostic or clinical decision making functions. Medical device data systems can transmit, exchange, store, or retrieve data in its original format or can be used to convert the medical device data from one format to another so that the arrangement or organization of the medical device data is in accordance with preset specifications.
Comments