AAMI Wireless Group, MDISS Commence Discussions on Improving Cybersecurity

Posted September 11, 2017

AAMI’s Wireless Strategy Task Force (WSTF) met with Dale Nordenberg, executive director of the Medical Device Innovation, Safety, and Security Consortium (MDISS), via conference call to learn about MDISS's efforts and explore potential collaborations between the groups, both of which have interest in improving medical device cybersecurity.

WSTF is a group of approximately 30 wireless experts who collaborate to address the wireless-related needs of the healthcare technology management community, including managing wireless spectrum to ensure that medical devices are able to effectively communicate with one another and addressing wireless cybersecurity vulnerabilities. WSTF’s mission includes natural overlap with MDISS, a nonprofit with a charge to advance healthcare by focusing on the safety and security of medical devices.

The idea to get in touch came after AAMI published a news story that was posted in a WSTF discussion group on AAMI Connect. The story described MDISS’s recent launch of a worldwide network of security “proving grounds.” The MDISS World Health Information Security Testing Lab (WHISTL), which is beginning operations at sites around the world, is designed to test the security of medical devices, identify vulnerabilities, and develop solutions to improve device security. WHISTL will use both the UL 2900 and ANSI/AAMI/IEC 80001 series of standards when testing the cybersecurity of medical devices, according to a press release. The 80001 series deals with the application of risk management to a hospital information technology network that uses medical devices.

“The story about WHISTL caught the attention of WSTF members, who were curious about whether AAMI had any current involvement or relationship with MDISS. We didn’t have a formal relationship, so we decided now was a good time to get in touch,” said Patrick Bernat, director of healthcare technology management at AAMI.

MDISS is perhaps best known for developing the Medical Device Risk Assessment Platform (MDRAP), a free assessment tool and online community that helps healthcare systems and device manufacturers better understand, analyze, and mitigate medical device security risks. That tool was featured in cybersecurity presentations at the AAMI 2017 Conference & Expo and at the “Manny Meeting,” which is held in conjunction with the annual conference.

Following the call, WSTF and MDISS agreed to follow-up discussion to explore potential collaborations.