Are Medical Devices & Systems Hack Proof?
At a recent Black Hat conference, a diabetic man demonstrated how to spoof a wireless insulin pump, causing a life-threatening situation. At a hospital in 2013, a computer program issued a dosage of medicine 76 times the required dose, due to a program glitch. In an IoT era where revolutionary medical software and implantable devices give hope to people with chronic disorders, they also stand as a new frontier for security and privacy. As clinicians increasingly rely on computers vs. common sense, and medical devices become increasingly vulnerable to security breaches, it’s time for new dialog on trust and security for Medtech.
John Halamka MD MS, CIO, Beth Israel Deaconness Medical Center
John D. Halamka, MD, MS is Chief Information Officer of the Beth Israel Deaconess Medical Center, Chief Information Officer and Dean for Technology at Harvard Medical School, Chairman of the New England Health Electronic Data Interchange Network (NEHEN), CEO of MA-SHARE (the Regional Health Information Organization), Chair of the US Healthcare Information Technology Standards Panel (HITSP), and a practicing Emergency Physician. Dr. Halamka completed his undergraduate studies at Stanford University where he received a degree in Medical Microbiology and a degree in Public Policy with a focus on technology issues. While at Stanford he served as research assistant to Dr. Edward Teller, Dr. Milton Friedman, and presidential candidate John B. Anderson. He authored three books on technology related issues and formed a software development firm, Ibis Research Labs, Inc. He has also served as a columnist and editor for several industry publications and consultant to startup companies.
Kevin Fu, Virta Laboratories
Kevin Fu is credited for establishing the field of medical device security beginning with the 2008 IEEE paper on defibrillator security. Kevin is Chief Scientist of Virta Labs, Inc. and Associate Professor in EECS at the University of Michigan where he directs the Archimedes Center for Medical Device Security and the Security and Privacy Research Group (SPQR). Kevin has testified in the House and Senate on matters of information security and has written commissioned work on trustworthy medical device software for the Institute of Medicine of the National Academies. He is member of NIST Information Security and Privacy Advisory Board, the CRA Computing Community Consortium Council, and the ACM Committee on Computers and Public Policy. He was named MIT Technology Review TR35 Innovator of the Year. Kevin served as program chair of USENIX Security and co-chairs the AAMI Working Group on Medical Device Security. He has a B.S., M. Eng and Ph.D. from MIT.
Mary Ward-Callan, Managing Dir Technical Activities, IEEE
Mary Ward-Callan is the Staff Executive at the IEEE responsible for the strategic and operational leadership of the IEEE Technical Communities within the IEEE. The 45 Technical Societies and Councils, and numerous emerging technical communities collectively deliver more than 1300 conferences, 168 periodicals, countless technical training seminars, and three certification programs. Mary has been responsible for the programming and visibility of new technology areas within the IEEE, such as Cloud Computing, Internet of Things, Software Defined Networks, Rebooting Computing. Mary led the Award winning IEEE Humanitarian Technology Challenge; a project that used solid engineering techniques to provide solutions to pressing world problems such as lighting Haiti/Africa/Nicaragua, providing data communications to healthcare facilities in Peru, and providing RFID patient identification in India.
Prior to joining the IEEE, Mary was an Executive Director in the telecommunications industry, employed by Telcordia, Bellcore, and Bell Labs. Mary’s career included significant contributions in local loop design, network simulation, network operations and management, sub-network control, and product testing and product certification. Mary led the network operations activities for several technologies such as SONET, ATM, DLC, VPN and SMDS. She has extensive experience in business management, process re-engineering, requirements management, quality, and project management.
Mary is a Certified Association Executive, holds a Bachelor of Arts (BA) degree in Mathematics from Vassar College (with honors, Phi Beta Kappa), and a Master of Science degree (MSEE) in Electrical Engineering and Computing from Princeton University. She completed the Executive Development Program at Bellcore as well as numerous other key management courses. Mary is a Senior Member of the IEEE and a member of ASAE. She is married with three children and lives in New Jersey, USA.