科技报告详细信息
Medical Devices: FDA Should Expand Its Consideration of Information Security for Certain Types of Devices
United States. Government Accountability Office.
United States. Government Accountability Office.
关键词: Government accountability -- United States.;    information security;    health care;    medical devices;    letter report;   
RP-ID  :  GAO-12-816
RP-ID  :  647764
美国|英语
来源: UNT Digital Library
PDF
【 摘 要 】

A letter report issued by the Government Accountability Office with an abstract that begins "Several information security threats exist that can exploit vulnerabilities in active implantable medical devices, but experts caution that efforts to mitigate information security risks may adversely affect device performance. Threats to active devices—that is, devices that rely on a power source to operate—that also have wireless capability can be unintentional, such as interference from electromagnetic energy in the environment, or intentional, such as the unauthorized accessing of a device. Several experts consider certain threats to be of greater concern than others; for example, experts noted less concern about interference from electromagnetic energy than other threats. Incidents resulting from unintentional threats have occurred, such as a malfunction resulting from electromagnetic interference, but have since been addressed. Although researchers have recently demonstrated the potential for incidents resulting from intentional threats in two devices—an implantable cardioverter defibrillator and an insulin pump—no such actual incidents are known to have occurred, according to the Food and Drug Administration (FDA). Medical devices may have several such vulnerabilities that make them susceptible to unintentional and intentional threats, including untested software and firmware and limited battery life. Information security risks resulting from certain threats and vulnerabilities could affect the safety and effectiveness of medical devices. These risks include unauthorized changes of device settings resulting from a lack of appropriate access controls. Federal officials and experts noted that efforts to mitigate information security risks need to be balanced with the potential adverse effects such efforts could have on devices’ performance, including limiting battery life."

【 预 览 】
附件列表
Files Size Format View
647764.pdf 1166KB PDF download
  文献评价指标  
  下载次数:24次 浏览次数:26次