The new administration has been in place for almost a year, but many questions remain unanswered. As health reform continues to be a big concern, 2018 “will be distinguished by persistent uncertainty and risk” for the health industry, according to the PwC Health Research Institute (HRI) report, Top Health Issues of 2018.
The following is the institute’s list of the top 12 issues:
- The healthcare industry tackles the opioid crisis
- Social determinants come to the forefront
- Price transparency moves to the state house
- Natural disasters create devastation that lasts long after the event passes
- Medicare Advantage swells in 2018
- Health reform isn’t over, it’s just more complicated
- Securing the internet of things
- Patient experience as a priority and not just a patient portal
- Meet your new coworker, artificial intelligence
- Healthcare’s endangered middlemen
- Real-world evidence a growing challenge for pharma
- Tax reform moves forward
Most notable for the medical device industry are the new cybersecurity threats that will require device companies and hospitals to work together on keeping the door closed to cybercriminals. According to PwC’s HRI, there has been a 525% increase in medical device cybersecurity vulnerabilities reported by the government.
“Eleven manufacturers of medical devices issued warnings about the potential for the Wannacry event to affect their devices, and several were confirmed to have been affected.” – PwC Health Research Institute
A bit troubling is the fact that hospitals have thousands of devices in operation. In the face of a cyberattack, many hospitals are not prepared to quickly address the issue. There are a couple problems here, said Chantal Worzala, who is quoted in the report: “Many device companies do not provide information about potential vulnerabilities or updates and patches to fix vulnerabilities.” In addition, FDA is too slow in alerting the public about these problems. Worzala is the vice president of health information and policy operations at the American Hospital Association.
What medical devices are most vulnerable to hackers?What Do These Risks Mean for Industry?
PwC’s HRI offers three recommendations that industry should heed in addressing cybersecurity risks.
- Hospitals and device companies should invest in proactive steps, including conducting tests for cybersecurity breaches and remediation measures. This includes business continuity planning that is available should a network go down.
- Know your risks from both a financial and a reputation perspective. If a breach occurs, not only do devices and hospital systems take a monetary hit due to shut downs, but the confidence of patients (consumers) is also affected. The report cites that 26% of consumers affected by a hack that resulted in stolen medical information changed physicians, hospitals, insurance companies or other medical groups. 38% said they would be reluctant to go to a hospital affected by a device hack.
- Hospitals should limit personnel access to medical devices and also limit the actions that those devices can perform. In addition, “companies can also use language in vendor contracts to establish what device manufacturer are responsible for, including security updates and security support,” the report recommends, citing The Mayo Clinic’s policy that requires vendors to follow certain security standards before it will purchase its medical devices.