Security Research Institute

Slides:

Advertisements

Similar presentations

HIPAA How It Is Affecting Information Systems Within Companies Around Us.

Advertisements

Dr. Michael E. Oehlsen International Policy Analyst International Programs Team - Office of the Director Center for Veterinary Medicine Food and Drug Administration.

National Infrastructure Protection Plan

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

EMI Higher Education Symposium 5 June 2014

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”

LIMITLESS POTENTIAL | LIMITLESS OPPORTUNITIES | LIMITLESS IMPACT Copyright University of Reading IMPACT AND THE SCIENCES Anthony Atkin (Research Impact.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Regulatory Update Ellen Leinfuss SVP, Life Sciences.

Eureka Pre-Clinical Investigation Animal toxicology Animal pharmacokinetics/ pharmacodynamics Clinical Investigation Phase I Safety and pharmacology Phase.

Access to Clinical Expertise Steve Bain David Powell Jemma Hughes Paula Jeffries.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

BSides Las Vegas 2015 Tuesday, August 4, Medical Overview Many, many stakeholders Diversity of devices, from swallowable pills to enormous radiological.

1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.

Association of Defense Communities June 23, 2015

Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.

ACCREDITED CONSULTANTS PVT LTD. (ACPL) WELCOMES YOU Your PHARMACOVIGILANCE PARTNER.

FDA Regulation Economically Harmful & Morally Indefensible.

UPCOMING CHANGES TO IN-VITRO DIAGNOSTICS (IVDs) AND LABORATORY DEVELOPED TESTS (LDTs) REGULATIONS Moj Eram, PhD November 5, 2015.

Alex Adamec.  Any physical or virtual information system that controls, processes, transmits, receives, or stores electronic information in any form.

PHDSC Privacy, Security, and Data Sharing Committee Letter to Governors.

ERCOT IT Update Ken Shoquist VP, CIO Information Technology Board Meeting February 2004.

Climatic Recovery: Brownfields as Backdrops to Community Health and Resilience Suzi Ruhl, JD, MPH Senior Attorney Advisor Office of Environmental Justice,

KEVIN BEDAL LISA CARLIN MATT CARROLL ERIN NICHOLS Product Safety & Failure Analysis.

iHEA 9th World Congress Sydney, July 8, 2013

Security and resilience for Smart Hospitals Key findings

Society for Maintenance and Reliability Professionals (SMRP)

Regulatory Updates Health Sciences Authority Singapore

Contingent Workforce: Cerner Quality System & Regulations

FDA's Two New Draft Guidance on Software and Device

Australian Jurisdictional Update March 2017

Making the Connection ISO Master Class An Overview.

MEM Cybersecurity Working Group Update to PCD Technical Committee

Efficacy and Safety of Medicines

Impact and the Physical Sciences

Disaster and Emergency Planning

U.S. FDA Center for Devices and Radiological Health Update

Sendai Framework for Disaster Risk Reduction

Clinical Research Contribution towards improving Clinical Care

Cybersecurity of Medical Devices

MEM Cybersecurity Working Group Update to PCD Technical Committee

and Security Management: ISO 28000

Jeff Shuren, MD, JD Center for Devices and Radiological Health U. S

WHAT is Project Matrix? An effort designed to:

National Immunization Conference April 19, 2010

California Cybersecurity Integration Center (Cal-CSIC)

What we all need to know about the powers that be!

Hello, Today we will look at cyber security and the Internet of Things and how it could impact our business.

Outline Responsible authorities for reporting under the IHR

PHARMA AUDIOCONFERENCE An Analysis of the HHS OIG Draft Compliance Program Guidance for the Pharmaceutical Industry Overview of Draft CPG Michael P.

Unit 2: Recovery Pre-Disaster Planning Guidance for Local Governments

FDA-CDRH in the Next Decade A Vision for Change

8 Building Blocks of National Cyber Strategies

Building A Community of Trust to Transform Medicines Development

Cybersecurity: The State Regulators’ Perspective

Emergency Management ESFs NIMS, ICS, and HICS Regulations and

NERC Cyber Security Standard

Cyber security Policy development and implementation

Cybersecurity ATD technical

Emergency Management ESFs NIMS, ICS, and HICS Regulations and

Securing Critical Chemical Assets: The Responsible Care® Security Code

FDA Sentinel Initiative

Opening an IND: Investigator Perspective

Bachelor Degree Programs

Tobey Clark, Director*, Burlington USA

Deborah Housen-Couriel, ADV.

Regulatory Perspective of the Use of EHRs in RCTs

IoT in Healthcare: Life or Death

Civil Air Patrol Critical Infrastructure Austin Worcester 15 Jul 2019.

Interconnection of good practices: from development to distribution

Presentation transcript:

Security Research Institute Post Market Surveillance for Cyber Security of Healthcare Internet of Things (HIoT) devices in Australian Healthcare and Public Health Sector

Cyber Security in Healthcare Sector Security Research Institute Cyber Security in Healthcare Sector DHS PPD-21 identified Health care and public health sector among Critical Infrastructure Sector. “The Federal Government shall work with critical infrastructure owners and operators and state, local, tribal, and territorial (SLTT) entities to take proactive steps to manage risk and strengthen the security and resilience of the Nation's critical infrastructure, considering all hazards that could have a debilitating impact on national security, economic stability, public health and safety, or any combination thereof. These efforts shall seek to reduce vulnerabilities, minimize consequences, identify and disrupt threats, and hasten response and recovery efforts related to critical infrastructure.”

Cyber Security in Healthcare Sector Security Research Institute Cyber Security in Healthcare Sector Food and Drug Administration Authority (FDA) in Jan 2017 issued non-binding recommendations for “Post Market Management of Cybersecurity in Medical Devices”.

Cyber Security in Healthcare Sector Security Research Institute Cyber Security in Healthcare Sector Therapeutic Goods Administration (TGA) acknowledges that Cyber Security is a key element. (May 2017) Efforts are underway to define pathways to regulate the compliance. Key Issue: Post market surveillance of medical device.

Cyber Security in Healthcare Sector Security Research Institute Cyber Security in Healthcare Sector Why post market surveillance of medical devices? Direct monitoring of the functional Orientation of the Medical Devices. Quick Anomaly Response Downstream Application in Coronial Investigations Shared Risks among the stakeholders

Example Continuous Glucose Monitoring Unit Subsidized by the Government in 2017 Approved unit by the TGA Connected to the Insulin pump via Bluetooth. Irregular dosage can cause serious harm to the patients. The list goes on.

Cyber Security in Healthcare Sector Who are we? Security Research Institute at Edith Cowan University. Academic Centre of Cyber Security Excellence (ACCSE) Research Themes critical infrastructure security human security cyber security digital forensics.

Cyber Security in Healthcare Sector So what are the Cyber security Issues in Health care and Public Health Sector Key Assets Patient Data Security Healthcare Information Systems Medical Control Systems Medical Information Systems Medical Devices Security Monitoring and Governance Unskilled (Absent) workforce

Cyber Security in Healthcare Sector What is post market surveillance? “Postmarketing surveillance (PMS) (also post market surveillance) is the practice of monitoring the safety of a pharmaceutical drug or medical device after it has been released on the market and is an important part of the science of pharmacovigilance.”

Cyber Security in Healthcare Sector Can we test a device for foreseen and unforeseen anomalies before releasing it into the market? Yes, you can.

Cyber Security in Healthcare Sector Post-market Surveillance of Medical Devices for Cyber Security in Medical and Healthcare Sector in Australia OR POStCODE for short.

POStCODE Medical Devices have three main technological portals. Medical Data: Generated after interacting with the patient/environment. Control Data: Contains instructions sent to or received from the medical device. Management Data: Use to update the firmware of Medical Devices.

POStCODE Medical Devices have three main technological portals. Medical Data  Property of the patient or caregiver institute. Control Data  Sent directly to the device locally/remotely. Management Data  Sent directly to the device locally/remotely.

POStCODE Medical Devices have three main technological portals. Medical Data  Property of the patient or caregiver institute. Control Data  Sent directly to the device locally/remotely. Management Data  Sent directly to the device locally/remotely.

POStCODE

POStCODE

POStCODE POStCODE Repository Clients Regulatory Bodies i.e. FDA, TGA, EMA etc. Device Manufacturers HIS administrators Research and Development

POStCODE Future work POStCODE Real time Implementation Collaboration and joint projects Workforce training Assistance in policy development.

POStCODE Conclusion Duty of care towards improving the caregiving facilities for the vulnerable and needy Australians. Open issues that need immediate action.

Who am I?