Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Securing Wireless Infusion Pumps in Healthcare Delivery Organizations



Gavin W. O'Brien, Sallie Edwards, Kevin Littlefield, Neil McNab, Sue Wang, Kangmin Zheng


Medical devices, such as infusion pumps, were once standalone instruments that interacted only with the patient or medical provider. However, today’s medical devices connect to a variety of healthcare systems, networks, and other tools within a healthcare delivery organization (HDO). Connecting devices to point-of-care medication systems and electronic health records can improve healthcare delivery processes; however, increasing connectivity capabilities also creates cybersecurity risks. Potential threats include unauthorized access to patient health information, changes to prescribed drug doses, and interference with a pump’s function.
Special Publication (NIST SP) - 1800-8
Report Number


authentication, authorization, digital certificates, encryption, infusion pumps, Internet of Things (IoT), medical devices, network zoning, pump servers, questionnaire-based risk assessment, segmentation, virtual private network (VPN), Wi-Fi, wireless medical devices


O'Brien, G. , Edwards, S. , Littlefield, K. , McNab, N. , Wang, S. and Zheng, K. (2018), Securing Wireless Infusion Pumps in Healthcare Delivery Organizations, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed June 14, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created August 20, 2018, Updated January 27, 2020