In October, Singapore plans on starting a 90-day trial to determine the cybersecurity risk of medical devices. This is a joint effort between Singapore’s MOH, the Cyber Security Agency and the National Health Technology Agency (Synapxe). The fear is that some devices that keep people alive like pacemakers, defibrillators, respiratory ventilators, and others, can be hacked. Also, some diagnostic devices that are attacked could yield inaccurate diagnoses and subsequent inappropriate treatment plans. According to the Cyber Security Agency, about 15% of Singapore’s medical devices are connected to the internet via local hospitals and home systems. Thus, this trial will rate medical devices in terms of their cybersecurity and hopefully lead doctors and patients to choose safer products.
For this trial, there will be 4 levels of cybersecurity ratings and labels. Devices labeled Level 1 will have reached basic cyber-security standards. Devices labeled Level 2 will have reached enhanced cyber-security requirements. Finally, devices labeled Level 3 and Level 4 will have met Level 2 standards but also need to meet third-party software security evaluation and binary analysis. Once this trial is over, Singapore plans to roll out this cybersecurity labeling process for all appropriate devices in Singapore. To help device companies that do not have the cybersecurity expertise to do this, the Singapore Cyber Security Agency will develop a training program for device makers.
------------------------------
Ames Gross
President
Pacific Bridge Medical
Bethesda, MD
www.pacificbridgemedical.comcontact@pacificbridgemedical.com------------------------------