The Journal of mHealth Vol 2 issue 5 (Oct) | Page 20

Does Device Interoperability Sacrifice Security? Does Device Interoperability Sacrifice Security? By Stephanie Preston, Cyber Embedded Systems Engineer, Battelle and Melissa Masters, Director of Electrical, Software and Systems Engineering, Battelle When medical devices work together, patients and healthcare providers benefit. But is there a downside to medical device interoperability? As our devices become more connected to each other and to hospital networks, they open up new cybersecurity risks. The same interoperability standards that make it easier for devices to communicate may also make medical devices more vulnerable. The Promise of Device Interoperability The Institute for Electrical and Electronics Engineering (IEEE) defines interoperability as “the ability of a system or a product to work with other systems and products without special effort on the part of the customer.” Interoperable devices use standardized ways of interacting and sharing data with each other, with hospital networks, and with patient Electronic Health Records (EHRs). Devices designed to be interoperable are essentially intended to be “plug and play”: when you add them to your network, they should be ready to communicate with other parts of the healthcare system. The desire for connected, interoperable devices is already driving significant improvements in healthcare quality and patient outcomes. For example, a hospitalized patient may be connected to six or more medical devices, including infusion pumps, ventilators, and various vital signs monitors. When these become integrated and communicate directly with the EHR, doctors and nurses have real-time access to complete, accurate information on a patient in one place rather than consulting each device individually. This reduces clinician burden and healthcare errors. Interoperability also enables sophisticated healthcare data analytics and device automation – for example, a drug delivery device that 18 October 2015 could automate dosages based on feedback from various monitoring devices. As healthcare moves towards greater reliance on electronic records and connected devices, hospitals and regulators are pushing towards standardized systems for interoperability. The Office of the National Coordinator for !