Securing Wireless Infusion Pumps in Healthcare Delivery Organizations

Published: August 20, 2018

Author(s)

Gavin W. O'Brien, Sallie Edwards, Kevin Littlefield, Neil McNab, Sue Wang, Kangmin Zheng

Abstract

Medical devices, such as infusion pumps, were once standalone instruments that interacted only with the patient or medical provider. However, today’s medical devices connect to a variety of healthcare systems, networks, and other tools within a healthcare delivery organization (HDO). Connecting devices to point-of-care medication systems and electronic health records can improve healthcare delivery processes; however, increasing connectivity capabilities also creates cybersecurity risks. Potential threats include unauthorized access to patient health information, changes to prescribed drug doses, and interference with a pump’s function.
Citation: Special Publication (NIST SP) - 1800-8
Report Number:
1800-8
Pub Type: NIST Pubs

Download Paper

Keywords

authentication, authorization, digital certificates, encryption, infusion pumps, Internet of Things (IoT), medical devices, network zoning, pump servers, questionnaire-based risk assessment, segmentation, virtual private network (VPN), Wi-Fi, wireless medical devices
Created August 20, 2018, Updated November 10, 2018