Now Is the Time for a Security and Safety Standard for Consumer Smartphones Controlling Diabetes Devices

Klonoff, David C.; Kerr, David; Kleidermacher, Dave

doi:10.1177/1932296817723259

Cited by 4 publications

(2 citation statements)

References 5 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To help with this problem, the Diabetes Technology Society, the organizer of this journal, set up a working group in 2016 that developed a standard for cybersecurity of diabetes devices called DTSec. 11 In 2017 they set up an additional committee and developed DTmoST, 12 a description of how to ensure that a smartphone could be safely used to control a device such as an insulin pump.…”

Section: Controllersmentioning

confidence: 99%

Patch Pumps for Insulin

Ginsberg¹

2018

J Diabetes Sci Technol

View full text Add to dashboard Cite

Newly developed patch pumps are starting to occupy a noticeable fraction of the insulin delivery market. New entrants, using novel technologies, promise accurate, flexible insulin delivery at lower costs. In the section, we review the currently available devices, discuss some of the devices on the horizon, and speculate about some fascinating new approaches. In this first article, we provide an overview of the simplified devices-V-Go, PAQ, and One Touch Via-and of the more complex devices-Omnipod, Cellnovo, JewelPump, Solo, SFC Fluidics pump, Libertas, Medtronic pump, and EOPatch. We also discuss controllers, smartphones, and cybersecurity.

show abstract

Section: Controllersmentioning

confidence: 99%

Patch Pumps for Insulin

Ginsberg¹

2018

J Diabetes Sci Technol

View full text Add to dashboard Cite

show abstract

“…Stakeholders affected by connected medical devices will increasingly demand assurance of safe cybersecurity from health care professionals who are prescribing and overseeing use of these products. 12 DTMoSt aims to provide assurance that off-the-shelf consumer mobile phones can safely control diabetes devices.…”

Section: Dtsecmentioning

confidence: 99%

Standards for Medical Device Cybersecurity in 2018

Yuan

Fernando

Klonoff

2018

J Diabetes Sci Technol

Self Cite

View full text Add to dashboard Cite

Medical devices are increasingly connected wirelessly to each other and to data-management devices. Threats to the accurate flow of information and commands may compromise the safe function of these devices and put users' health at risk. These devices can be on-body wearable or implantable systems that monitor and transmit data from a person and send it to a hub (such as a handheld controller/monitor, another device, a smartphone, a pad, or the cloud) for analysis, presentation, aggregation with other data streams, and storage. Such devices might also receive data or commands to be relayed to the patient. These devices can also be large nonportable devices for diagnosis (eg, MRI, CT, PET, or ultrasound imaging equipment and ICU monitors) or for treatment (eg, infusion pumps, ventilators, and medical lasers located in health care facilities). Sound cybersecurity of medical devices can be achieved by maintaining (1) confidentiality by protecting these devices from unauthorized disclosure, (2) integrity by protecting these products from unauthorized modification, and (3) availability of data by protecting these products from loss of function. 1 A medical data breach, which is the release of secure or private/confidential information to an untrusted environment, can represent a security risk, a safety risk, or both. Five steps for a hospital or medical organization to improve medical device cybersecurity include (1) establishing a risk management plan, (2) building a protection framework, (3) following basic security hygiene, (4) including security in contracts, and (5) building a zero trust network. Hospitals that act to improve medical device cybersecurity will decrease the risk of privacy breaches, financial ransom, and harm to patients. Recent Developments in Standards Recent hacks of hospitals and health insurance companies around the world have put medical device cybersecurity in the public spotlight. NIST published a cybersecurity framework in 2014 2 and an update to this document in 2017. Public comment for the update ended in January 2018. 3 In addition,

show abstract