AAMI News January 2017

Device Security to Take Center Stage at AAMI 2017 Conference

Kevin Fu
Kevin Fu

Kevin Fu, a widely respected leader in the field of medical device security, has been selected to give the annual Dwight E. Harken Lecture during the AAMI 2017 Conference & Expo in Austin, TX, June 9–12. This general session honors the significant contributions that Harken, AAMI president from 1969–1970, made to medical science and technology.

Fu is CEO and chief scientist of Virta Labs, Inc. and an associate professor at the University of Michigan where he directs the Archimedes Center for Medical Device Security and the Security and Privacy Research Group. Virta Labs helps hospitals strategically manage cybersecurity risk for safety-critical inventory on clinical networks.

“This is a great honor,” Fu said. “I really appreciate AAMI recognizing the importance of the field, which is critical for the safety and effectiveness of medical devices.”

In hospitals today, it would be difficult to find medical device technology that does not critically depend on computer software. Network connectivity and wireless communication have transformed the delivery of patient care. But connectivity comes at a price—vulnerability to hackers, viruses, and other malware.

Since federal regulators began tracking major health data breaches, more than 1,700 incidents impacting nearly 170 million people have been posted to the Department of Health and Human Services Office of Civil Rights’ breach portal. More than 90 hacking incidents were reported in 2016 alone.

“I think things will continue to get worse before they get better simply because there’s a lag time between deploying compensating controls and seeing improved outcomes. In 2017, healthcare delivery organizations will continue to struggle to maintain the security of their clinical networks and medical devices because of the number of legacy devices out there,” Fu predicted. “Most medical devices were not designed with security in mind, and we’re still trying to catch up. That is why I am very pleased to see the passionate contributions to the AAMI Device Security Working Group co-chaired by Ken Hoyme and Geoffrey Pascoe.”

During his presentation, Fu plans to probe the risks, benefits, and regulatory issues for medical device cybersecurity and provide insight into the development of trustworthy medical device software.

“I hope that people will come out of my presentation with a less sensational view of the issues and a more optimistic view of the future of medical device security,” Fu said. “It’s not about eliminating risk but about controlling and managing risk. It can be done—it’s not impossible.”

Registration for AAMI 2017 is now open, and those who register before March 20 will receive an “early bird” discount. For more information, visit www.aami.org/ac.