Hospitals lack consistent cybersecurity plan for networked medical devices
Healthcare Finance News
Large hospital systems could have around 85,000 medical devices connected to its network, which translates into a broad attack surface, report warns.
Even as hospitals continue to face cyberattacks that risk patient harm, Medicare lacks consistent oversight of networked device cybersecurity in hospitals, according to a report from the Department of Health and Human Services Office of Inspector General.
The report warned that CMS’ survey protocol lacks guidance regarding requirements for networked device cybersecurity. It recommended HHS work with CMS to incorporate cybersecurity as part of its hospital quality oversight process.
WHY THIS MATTERS
Hospitals often do not include device cybersecurity in their emergency-preparedness risk assessments, nor do they–or CMS–plan to update their survey protocol requirements to address networked devices...