For Dr. Lee, the advances in technology for otolaryngology devices are only a “big plus,” from both the patient and provider standpoints. “Having a smart phone and being able to adjust your hearing on your smart phone is a huge plus for patients and something they appreciate and find very valuable,” he said.
Explore This IssueSeptember 2017
Any medical device that can be connected through wired or wireless means to an external device, typically for the purpose of changing control settings, can conceivably be hacked. —Stephen L. Grimes, Strategic Healthcare Technology Associates
Although the vulnerabilities of these devices to hacking is not yet on his or the Academy’s radar, he emphasized that it is something “we need to be judicious about moving forward.”
The Need for Awareness
For Grimes and other security experts who regularly consult with medical and government entities in developing guidance on cybersecurity, educating providers on the potential risks to medical devices is a top priority when it comes to helping ensure their safety. “Practitioners, including otolaryngologists, need to know that today’s new technologies often bring new cyber vulnerabilities,” he said. “To ensure safe use of the new technologies, practitioners should question security and clinical engineering experts to verify that all stakeholders in the process understand the issue and are taking the appropriate precautions.”
Scot Copeland, a medical IT network risk manager at Scripps Health in San Diego, also emphasized the need for otolaryngologists, along with all providers, to be aware of cybersecurity issues in their own environment. “The cybersecurity issues aren’t as prevalent in the ENT discipline as elsewhere, but the basics still apply, and awareness is key to identifying the issues as new products and implementation arise,” he said.
An example of a new technology that addresses these new cybersecurity concerns is the new Nucleus 7 Sound Processor for cochlear implants, manufactured by Cochlear Ltd. and approved by the FDA in June 2017. According to Jan Janssen, senior vice president of research and development at Cochlear, the processor is designed to prevent unauthorized use of the device, or a malicious attack on it. Janssen also emphasized that the processor “had to meet the applicable cyber security guidelines” by various regulatory bodies around the world to obtain approval.
Among the basics of cybersecurity that otolaryngologists and other providers should pay attention to are such things as using strong passwords, keeping software and operating systems as up to date as possible, using anti-malware where possible, replacing older equipment that can’t be kept current, and following manufacturer guidance on safety and security. In other words, “adhering to proper cybersecurity hygiene,” he said.