Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Research Institute

Published byCarmel Ray Modified over 6 years ago

Similar presentations

Presentation on theme: "Security Research Institute"— Presentation transcript:

1 Security Research Institute
Post Market Surveillance for Cyber Security of Healthcare Internet of Things (HIoT) devices in Australian Healthcare and Public Health Sector

2 Cyber Security in Healthcare Sector
Security Research Institute Cyber Security in Healthcare Sector DHS PPD-21 identified Health care and public health sector among Critical Infrastructure Sector. “The Federal Government shall work with critical infrastructure owners and operators and state, local, tribal, and territorial (SLTT) entities to take proactive steps to manage risk and strengthen the security and resilience of the Nation's critical infrastructure, considering all hazards that could have a debilitating impact on national security, economic stability, public health and safety, or any combination thereof. These efforts shall seek to reduce vulnerabilities, minimize consequences, identify and disrupt threats, and hasten response and recovery efforts related to critical infrastructure.”

3 Cyber Security in Healthcare Sector
Security Research Institute Cyber Security in Healthcare Sector Food and Drug Administration Authority (FDA) in Jan 2017 issued non-binding recommendations for “Post Market Management of Cybersecurity in Medical Devices”.

4 Cyber Security in Healthcare Sector
Security Research Institute Cyber Security in Healthcare Sector Therapeutic Goods Administration (TGA) acknowledges that Cyber Security is a key element. (May 2017) Efforts are underway to define pathways to regulate the compliance. Key Issue: Post market surveillance of medical device.

5 Cyber Security in Healthcare Sector
Security Research Institute Cyber Security in Healthcare Sector Why post market surveillance of medical devices? Direct monitoring of the functional Orientation of the Medical Devices. Quick Anomaly Response Downstream Application in Coronial Investigations Shared Risks among the stakeholders

6 Example Continuous Glucose Monitoring Unit
Subsidized by the Government in 2017 Approved unit by the TGA Connected to the Insulin pump via Bluetooth. Irregular dosage can cause serious harm to the patients. The list goes on.

7 Cyber Security in Healthcare Sector
Who are we? Security Research Institute at Edith Cowan University.  Academic Centre of Cyber Security Excellence (ACCSE)  Research Themes critical infrastructure security human security cyber security digital forensics.

8 Cyber Security in Healthcare Sector
So what are the Cyber security Issues in Health care and Public Health Sector Key Assets Patient Data Security Healthcare Information Systems Medical Control Systems Medical Information Systems Medical Devices Security Monitoring and Governance Unskilled (Absent) workforce

9 Cyber Security in Healthcare Sector
What is post market surveillance? “Postmarketing surveillance (PMS) (also post market surveillance) is the practice of monitoring the safety of a pharmaceutical drug or medical device after it has been released on the market and is an important part of the science of pharmacovigilance.”

10 Cyber Security in Healthcare Sector
Can we test a device for foreseen and unforeseen anomalies before releasing it into the market? Yes, you can.

11 Cyber Security in Healthcare Sector
Post-market Surveillance of Medical Devices for Cyber Security in Medical and Healthcare Sector in Australia OR POStCODE for short.

12 POStCODE Medical Devices have three main technological portals.
Medical Data: Generated after interacting with the patient/environment. Control Data: Contains instructions sent to or received from the medical device. Management Data: Use to update the firmware of Medical Devices.

13 POStCODE Medical Devices have three main technological portals.
Medical Data  Property of the patient or caregiver institute. Control Data  Sent directly to the device locally/remotely. Management Data  Sent directly to the device locally/remotely.

14 POStCODE Medical Devices have three main technological portals.
Medical Data  Property of the patient or caregiver institute. Control Data  Sent directly to the device locally/remotely. Management Data  Sent directly to the device locally/remotely.

15 POStCODE

16 POStCODE

17 POStCODE POStCODE Repository Clients
Regulatory Bodies i.e. FDA, TGA, EMA etc. Device Manufacturers HIS administrators Research and Development

18 POStCODE Future work POStCODE Real time Implementation
Collaboration and joint projects Workforce training Assistance in policy development.

19 POStCODE Conclusion Duty of care towards improving the caregiving facilities for the vulnerable and needy Australians. Open issues that need immediate action.

20 Who am I?

Download ppt "Security Research Institute"

Similar presentations

HIPAA How It Is Affecting Information Systems Within Companies Around Us.

HIPAA How It Is Affecting Information Systems Within Companies Around Us.
Dr. Michael E. Oehlsen International Policy Analyst International Programs Team - Office of the Director Center for Veterinary Medicine Food and Drug Administration.

Dr. Michael E. Oehlsen International Policy Analyst International Programs Team - Office of the Director Center for Veterinary Medicine Food and Drug Administration.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
EMI Higher Education Symposium 5 June 2014

EMI Higher Education Symposium 5 June 2014
Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order 13636 “Improving Critical Infrastructure Cybersecurity”

Framework for Improving Critical Infrastructure Cybersecurity Overview and Status Executive Order “Improving Critical Infrastructure Cybersecurity”
LIMITLESS POTENTIAL | LIMITLESS OPPORTUNITIES | LIMITLESS IMPACT Copyright University of Reading IMPACT AND THE SCIENCES Anthony Atkin (Research Impact.

LIMITLESS POTENTIAL | LIMITLESS OPPORTUNITIES | LIMITLESS IMPACT Copyright University of Reading IMPACT AND THE SCIENCES Anthony Atkin (Research Impact.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Regulatory Update Ellen Leinfuss SVP, Life Sciences.

Regulatory Update Ellen Leinfuss SVP, Life Sciences.
Eureka Pre-Clinical Investigation Animal toxicology Animal pharmacokinetics/ pharmacodynamics Clinical Investigation Phase I Safety and pharmacology Phase.

Eureka Pre-Clinical Investigation Animal toxicology Animal pharmacokinetics/ pharmacodynamics Clinical Investigation Phase I Safety and pharmacology Phase.
Access to Clinical Expertise Steve Bain David Powell Jemma Hughes Paula Jeffries.

Access to Clinical Expertise Steve Bain David Powell Jemma Hughes Paula Jeffries.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
BSides Las Vegas 2015 Tuesday, August 4, 2015. Medical Overview Many, many stakeholders Diversity of devices, from swallowable pills to enormous radiological.

BSides Las Vegas 2015 Tuesday, August 4, Medical Overview Many, many stakeholders Diversity of devices, from swallowable pills to enormous radiological.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.

1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.
Association of Defense Communities June 23, 2015

Association of Defense Communities June 23, 2015
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.

Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
ACCREDITED CONSULTANTS PVT LTD. (ACPL) WELCOMES YOU Your PHARMACOVIGILANCE PARTNER.

ACCREDITED CONSULTANTS PVT LTD. (ACPL) WELCOMES YOU Your PHARMACOVIGILANCE PARTNER.
FDA Regulation Economically Harmful & Morally Indefensible.

FDA Regulation Economically Harmful & Morally Indefensible.
UPCOMING CHANGES TO IN-VITRO DIAGNOSTICS (IVDs) AND LABORATORY DEVELOPED TESTS (LDTs) REGULATIONS Moj Eram, PhD November 5, 2015.

UPCOMING CHANGES TO IN-VITRO DIAGNOSTICS (IVDs) AND LABORATORY DEVELOPED TESTS (LDTs) REGULATIONS Moj Eram, PhD November 5, 2015.
Alex Adamec.  Any physical or virtual information system that controls, processes, transmits, receives, or stores electronic information in any form.

Alex Adamec.  Any physical or virtual information system that controls, processes, transmits, receives, or stores electronic information in any form.

Similar presentations

Ads by Google