Medical device security strategy is now an essential element of risk management in most healthcare organizations. From visibility to threat management and utilization reviews to safety impact, security teams are in the midst of an evolving practice of creating alignment between information security and clinical risk / safety management. One element missing in the conversation is Privacy. In this session, we look at implications to patient and consumer privacy when it comes to the extended healthcare device ecosystem that begins with medical devices and extends beyond OT, ICS and IT technologies utilized in clinical settings.
Presenting real world examples, we explore what healthcare providers need to take into account when dealing with consumer devices (e.g. Amazon Alexa). Insecure data transmission in between medical devices and clinical workflow management solutions and finally, threat models associated with physical security and life safety management solutions.