Feature | Cybersecurity | May 16, 2018

Heart Rhythm Society Recommends How to Prepare for Cybersecurity Threats to Cardiac Implantable Devices

HRS statement aimed at countering threats to implantable pacemakers and ICDs

Heart Rhythm Society (HRS) Offers Recommendations to Prepare for Cybersecurity Threats to Cardiac Implantable Devices in new consensus document. #HRS2018

May 16, 2018 — The Heart Rhythm Society (HRS) released communication recommendations to assist healthcare professionals to understand and prepare for potential cybersecurity vulnerabilities of cardiovascular implantable electronic devices (CIEDs). The statement was released during Heart Rhythm 2018 conference last week. 

The statement outlines four key communication themes: 
   1. When to notify patients;
   2. Whom to notify;
   3. How to communicate with patients; and 
   4. What elements to discuss with patients.  

The relative novelty of cybersecurity threats in CIEDs is raising questions among patients and the heart rhythm care community. The rapidly changing healthcare environment and increasing global interconnectivity expose information technology to new vulnerabilities. Hackers can potentially use these vulnerabilities to gain unauthorized access to medical equipment. 

The proceedings statement includes detailed guidance on patient-centered communication strategies when a specific threat is identified. The authors first call for an assessment of the threat by experts from manufacturers and U.S. federal agencies. If a vulnerability is validated, the discussion between the healthcare professional and patient should include five topics: 
   1. Potential consequences if the vulnerability is exploited;
   2.Strategies to mitigate the risks;
   3. Technical challenges to exploit the vulnerability;
   4. Long-term solutions to eliminate the threat; and
   5. Benefits provided by the CIED compared with the risk if the vulnerability is exploited.
 
The authors note that if the claim of a new vulnerability is released directly to the public, instead of directly to the manufacturer or the U.S. Food and Drug Administration (FDA), there is the potential for a period of uncertainty and anxiety during the evaluation of the claim. U.S. federal agencies and manufacturers must rapidly assess both the validity of the claim and the potential risks to patients to prevent improper action or exploitation of the situation.  

"As we look ahead and plan for ways to deal with potential risks to CIEDs, preparedness is the best approach," said lead author David Slotwiner, M.D., FHRS, New York-Presbyterian Queens. "Like other technology such as smartphones or computers, device software needs to be regularly updated. As healthcare professionals, we are inclined to first address hardware issues with the battery or leads, but the software is equally important. The healthcare community must reach a point where routine software updates are considered the standard of care to minimize the threat and ultimately eliminate risks." 

The authors also state the importance of managing patient expectations at the time of implant. Patients should know that CIEDs will require software updates until the battery is depleted. By educating patients prior to CIED implant and in advance of a threat announcement, patients will have a better understanding of the systems and be more prepared to respond to a potential vulnerability. HRS will work with its partners to help educate health care professionals on best practices for patient-centered conversations and mechanisms to minimize cybersecurity risks.

The statement captures the proceedings of the 2017 Leadership Summit on Cybersecurity Vulnerabilities: Communications Strategies for Clinicians and Patients that was attended by patient representatives, subject matter experts, HRS and American College of Cardiology (ACC) leadership, FDA and Federal Bureau of Investigation (FBI) officials, and leadership from CIED manufacturers. 

The full document was published with an accompanying editorial commentary in the online edition of HeartRhythm, the official journal of HRS. Review the full document and editorial commentary by FDA.

Find links to all the Heart Rhythm 2018 Late-breaking Studies

 

Related Cardiovascular Device Cybersecurity Content:

Can Your Cardiac Device Be Hacked?

Raising the Bar for Medical Device Cyber Security

The State of Healthcare Cyber Security

FDA Seeks Management of Cybersecurity in Medical Devices

Cybersecurity Threats in Medical Imaging

FDA Announces New Medical Device Safety Action Plan

 

Reference:

1. David J. Slotwiner, David J. Slotwiner, David J. Slotwiner, et al.  Cybersecurity Vulnerabilities of Cardiac Implantable Electronic Devices: Communication Strategies for Clinicians—Proceedings of the Heart Rhythm Society's Leadership Summit. HeartRhythm. DOI: https://doi.org/10.1016/j.hrthm.2018.05.001
 

#HRS2018  #HRS18

 

 

Related Content

DAIC Earns Azbee National Bronze Award for Social Media Presence
News | Cardiovascular Business | May 10, 2019
May 10, 2019 — Diagnostic and Interventional Cardiology (DAIC) earned a Bronze Award at the 2019 Na
Cath lab staff working as a team to prepare for a procedure at Presbyterian Medical Center Cardiac Cath Lab, Charlotte N.C. Pictured are Barry Horsey RCIS, Emily Luna RN, RCIS, Adam Martin RCIS, Caleadia Jessup RN.

Cath lab staff working as a team to prepare for a procedure at Presbyterian Medical Center Cardiac Cath Lab, Charlotte N.C. Pictured are Barry Horsey RCIS, Emily Luna RN, RCIS, Adam Martin RCIS, Caleadia Jessup RN.

Feature | Cardiovascular Business | May 03, 2019 | Ruben Filimonczuk, RCES, AS-PMD
One of the most promising areas for innovation in healthcare is to be found in the workforce – both in hiring and ret
Fail-safe Program for New Medical Technology Focuses on Patient Safety
News | Cardiovascular Business | April 29, 2019
New medical technology offers the promise of improving patient care, as well as the potential for harm if caregivers...
Medicare Trustees Report Hospital Insurance Trust Fund Will Deplete in Seven Years
News | Cardiovascular Business | April 22, 2019
The Medicare Hospital Insurance (HI) Trust Fund, which funds Medicare Part A, will only be able to pay full benefits...
Videos | Cardiovascular Business | April 16, 2019
A discussion with Ruth Fisher, MBA, vice president of the...
Foreign-trained doctors now make up one-third of cardiologists in the United States and help make up for the U.S. overall shortage of physicians. Pictured here is co-author of this article Mandeep R. Mehra, MBBS, MSc, FRCP, who is an example of the contribution international physicians have made in the U.S. He is medical director of the Brigham and Women’s Hospital Heart and Vascular Center.

Foreign-trained doctors now make up one-third of cardiologists in the United States and help make up for the overall shortage of physicians. Pictured here is co-author of this article Mandeep R. Mehra, MBBS, MSc, FRCP, who is an example of the contribution international physicians have made in the U.S. He is medical director of the Brigham and Women’s Hospital Heart and Vascular Center, The William Harvey Distinguished Chair in Advanced Cardiovascular Medicine, and a professor of medicine at Harvard Medical School. He is past-president of both the Heart Failure Society of America and the International Society of Heart and Lung Transplantation. 

Feature | Cardiovascular Business | April 15, 2019 | William W. Pinsky, M.D., FAAP, FACC, and Mandeep R. Mehra, MBBS, MSc , FRCP
As we strive to process today’s successive news cycles involving negative reports about immigration, it is easy for m
ACC Combines NCDR, Accreditation Into New Quality Summit
News | Cardiovascular Business | March 15, 2019
The American College of Cardiology’s first annual ACC Quality Summit, held March 13-15 in New Orleans, merges the NCDR...
Diagnostic and Interventional Cardiology Named 2019 Azbee Awards Finalist for Social Media
News | Cardiovascular Business | March 08, 2019 | Jeff Zagoudis, Associate Editor
Diagnostic and Interventional Cardiology (DAIC) was named a finalist in the Social Media Presence category for the 2019...
 FDA Commissioner Scott Gottlieb Announces Resignation
News | Cardiovascular Business | March 05, 2019 | Jeff Zagoudis, Associate Editor
U.S. Food and Drug Administration (FDA) Commissioner Scott Gottlieb, M.D., resigned from his position March 5 after two...
Overlay Init