< Capital Corporation
GDPR Team Our Work About Us Contact
Capital Corporation
Overview Medical devices are easy-targets and used as entry-points into networks for attackers Network-connected misconfigured medical devices that are infected by malware can disable a device from properly performing its clinical function. This, in turn, could lead to a patient safety concern..

Because we can

We understand

Cybersecurity triad – Confidentiality – Integrity – Availability Need to understand the impact of each of these as applied to medical device security and patient safety A framework or methodology is necessary to identify and address vulnerabilities and ensure the secure operation of medical devices Threat modeling for medical devices will help in developing a security strategy Incident response plans need to address medical device breaches. Multi-disciplinary team approach recommended – physician / practitioner, Biomed, IT, cybersecurity Evaluate your environment Do you know where your medical devices are? What are the vulnerabilities? What compensating controls are applied? Do you know who makes decisions when a medical device is compromised? Is a multidisciplinary team involved in risk decisions regarding medical devices that are hacked/malware infected? Are medical devices addressed in your Incident Response Plan? Solid methodology or framework needed to secure medical devices Governance to ensure risk decisions are being made at the appropriate level and by the appropriate party in the organization - include appropriate stakeholders Malware infected medical diagnostic device – Could impact Confidentiality, Integrity and / or Availability ANY of these COULD impact patient safety Used in diagnosis and treatment decisions by physician Neurology Department uses embedded medical application (running on Windows OS) to monitor patients seizure activity Data integrity could be an issue Safety of patient diagnosis/ treatment decisions Decision – leave it up or shut it down? Risk assessment – patient safety paramount Patient Safety Considerations: Confidentiality – breach of patient information, HIPAA regulatory and liability (civil and regulatory) Integrity - data used to make treatment decisions – patient safety Availability – outage creates critical gap in patient monitoring or treatment patient safety .

Go to our Recommended Site to learn more!


Contact Us


HUN 1032. Budapest Radnóti Miklós u.2 6. fl.

Budapest, HUN

+3620 3222-435