Andrew O’KeeffeAssociate Director, Software Quality Assurance
Foundation Medicine Inc.
Andrew has more than 30 years of experience in Software development. Including stops at Bell Labs, Draeger Medical, and Foundation Medicine. He lived & worked in Europe, Asia and North America. Currently focused on improving Software quality (and thereby, compliance) in medical devices and bringing security into the mainstream of SDLC practices. AAMI member and co-author of TIR57, member of IES/ISO JWG7 committee working on the next edition of 62304.
Wannacry was the first significant global cyberattack that impacted critical infrastructure in multiple countries. Healthcare was not immune to this attack and medical systems across the globe were affected, most notably the UK National Health System. Healthcare cybersecurity attacks rose 320% from 2015 to 2016 according to Healthcare IT News. As the world increases its connectivity creating the Internet of Things, cybersecurity becomes increasingly crucial to robust operation of critical infrastructure. Medical devices are critical to healthcare organizations being able to provide safe and effective care. Medical devices also pose unique challenges since they touch nearly every facet of healthcare delivery including clinicians, patients, biomedical engineering personnel, information systems personnel and infrastructure. Support and maintenance of medical device systems can vary depending on the hospital department, hospital entity, organizational resources and structure and level of support provided by vendors. Design and implementation of security feature-sets and practices can vary by manufacturer and device line.
This workshop brings together experts with diverse experiences representing healthcare delivery organization (HDO) biomedical engineering and information systems and vendor quality, support and security perspectives. The goal of this workshop is to provide an overview of:
- What are lessons learned from last year’s cyberattacks?
- What is the state of the field of medical device cybersecurity from varying viewpoints?
- How do we, as healthcare delivery organizations, vendors and contractors/consultants improve the cybersecurity posture of the medical device ecosystem?