top of page

Hospitals lack consistent cybersecurity plan for networked medical devices

Healthcare Finance News

Nathan Eddy

Large hospital systems could have around 85,000 medical devices connected to its network, which translates into a broad attack surface, report warns.

Even as hospitals continue to face cyberattacks that risk patient harm, Medicare lacks consistent oversight of networked device cybersecurity in hospitals, according to a report from the Department of Health and Human Services Office of Inspector General.

The report warned that CMS’ survey protocol lacks guidance regarding requirements for networked device cybersecurity. It recommended HHS work with CMS to incorporate cybersecurity as part of its hospital quality oversight process.


Hospitals often do not include device cybersecurity in their emergency-preparedness risk assessments, nor do they–or CMS–plan to update their survey protocol requirements to address networked devices...

Get the Morning Update

Thanks for subscribing!

bottom of page