To reduce increasing rates of cyberattacks on medical devices, such as infusion pumps and biopsy imaging tables, NewYork-Presbyterian Hospital is contracting with manufacturers to run independent cybersecurity tests, according to The Wall Street Journal.
The cyber-defense efforts at the New York City-based hospital are known as "penetration tests," where cyber-experts at the hospital test to see if they can hack different devices. NewYork-Presbyterian began working with outside consultants to discuss cybersecurity defenses in 2017.
Since then, NewYork-Presbyterian has dropped plans to purchase infusion pumps from Smiths Group due to warnings that hackers could take control of the pumps, WSJ reports.
"While we are disappointed with the NYP decision to purchase another system, we are confident in the firmware update and that the pump is safe for patients," a company spokesperson told WSJ.
Other hospitals are requesting device markers share the proprietary software that is used within the devices. The goal is for hospitals to help manufactures develop firewalls and other cyber-defenses.
Boston-based Partners HealthCare required one device maker earlier this year to reveal its device software as part of its contract.
Vizient, which negotiates contracts for products and services on the behalf of 3,100 health systems in the U.S., now includes cybersecurity questions regarding whether the data that device makers use is encrypted and what passwords are used.
Medical device manufacturers are stepping up to provide hospitals with more information. Boston Scientific and Royal Philips NV now disclose data on which third-party software their devices have installed.