An Indianapolis-based clinical asset management company is looking to bolster the security of medical devices used for patient care. TRIMEDX is partnering with Indiana University Health to develop a cybersecurity lab that will be used to test the security of devices such as ventilators and MRI machines and reduce security threats. Chief Technology Officer Doug Folsom says the goal will be to remove a blindspot for health systems by testing different solutions and protection strategies for existing and new devices.
In an interview with Inside INdiana Business, Folsom said the Medical Device Security Lab will allow them to run various scenarios that could arise.
“There’s computers in there where we can interject known vulnerabilities onto the network and see how it reacts and then change settings on the device or change settings on the network to see if we can protect that device prior to doing it in a live setting,” said Folsom.
TRIMEDX says healthcare cybersecurity breaches hit an all-time high in 2021, and 68% of medical devices are projected to be connected devices by 2025, which makes cybersecurity more critical than ever.
In addition to testing existing devices, Folsom says the lab will be used to test devices that are still in the development process before they are deployed.
“We expect that this Medical Device Security Lab will pave the way in creating a space for devices to be tested before usage and begin to flag common security issues prior to the implementation of the devices in a healthcare setting,” Folsom said. “The intent is to see an overall decrease in device security threats and eventually make this research open and available to many more organizations.”
The company says the lab will test the equipment in an environment that poses no risk to patients.
Folsom says the lab also creates a great opportunity for training and collaboration with medical device manufacturers.
“Getting into some partnerships with the manufacturers I think would be hugely beneficial,” he said. “Obviously, IU Health is a significant consumer of a lot of those devices that are manufactured, so I think with the two of us, it’s a good partnership to be able to drive that ahead. Ideally, if we could get the manufacturers involved and ultimately build a more secure device out of the gate rather than chasing remediations, we could have a much more robust and secure environment overall.”
Folsom adds the creation of new technology to secure devices could also be a potential byproduct of the lab.