Grand Rounds 2:15

Posted by on Jan 2, 2006 in Uncategorized | 0 comments

Wow, Tom Reynolds is an early bird with this weeks Grand Rounds. Tom is an RN working as an EMT in London and has an interesting blog, Random Acts of Reality (Trying to kill as few people as possible…) This weeks installment is quick, breezy and pretty interesting. I especially liked this one:

I read Medviews’ post, but being in the land of milk, honey and
socialised medicine I have no idea what they are talking about.  I think it’s something about Doctors and pay.

What, no unions? Tom, you are being sarcastic – right?

Share
Read More

Windows Devices Face Huge New Threat

Posted by on Jan 2, 2006 in Company Profiles, Patient Flow | 0 comments

Software-Virus

Bad news for Microsoft Windows users. Computer security experts have confirmed the existence of a new exploit for inserting trojans or spyware into devices running every version of Microsoft Windows released since 1990. Whoa.

The Microsoft Windows flaw, which allows hackers to infect computers
using programs maliciously inserted into seemingly innocuous image
files, was first discovered last week. But the potential for damaging attacks increased dramatically at the
weekend after a group of computer hackers published the source code
they used to exploit it.

Unlike most attacks, which require victims to download or execute a
suspect file, the new vulnerability makes it possible for users to
infect their computers with spyware or a virus simply by viewing a web
page, e-mail or instant message that contains a contaminated image.

What's not clear is whether this vulnerability extends to Windows used in embedded devices like ultrasound systems, ECG systems and patient monitors. True one doesn't surf the web with most medical devices, but there may be other ways to exploit the vulnerability. Another wrinkle is that while Microsoft is aware of the problem and working on a patch, it's doubtful that the resulting patch will apply beyond currently available or supported operating systems. Hint: many embedded devices are a few releases behind and may be running versions that Microsoft's dropped support for.

Do you know which of your medical devices and systems are running Windows? Have you completed the HIMSS Manufacturer Disclosure Statement for Medical Device Security for your devices? Another great resource is security expert Bruce Schneier's newsletter, Crypto-Gram. And of course, he's got a blog as well.

UPDATE: After becoming aware last week about the vulnerability in the Windows Meta File (WMF) code area of Windows, Microsoft has been working on a patch. This story reports that Microsoft has completed the patch and is in testing. They hope to release the update on Tuesday,
January 10, 2006, as part of its monthly release of security bulletins
on the second Tuesday of the month. The update will be released
worldwide simultaneously in 23 languages for all affected versions of
Windows once it passes a series of rigorous testing procedures.

UPDATE: More technical details on the vulnerability here. It seems that The SANS Institute's Internet Storm Center advised to patch Windows with an unofficial patch from a third party. And here's the link to Microsoft's advisory.

Share
Read More

2005 in Review: Technology Shift Impacting Vendors

Posted by on Jan 2, 2006 in Uncategorized | 0 comments

Last week Matthew Holt published a Year in Review issue of his FierceHealthcare email newsletter. The last item caught my eye.

Behind all the shouting, a very real trend is underway. FDA-regulated medical
device companies are introducing wired and wireless communication technologies
into their products. Meanwhile, implantable devices like stents, catheters and
pumps are continuing to use more and more pharmaceuticals integral to their
design. So, big medical device manufacturers like Medtronic and GE are finding
the boundary between software, pharmaceutical and biotech companies increasingly
blurred. The question of who regulates medical software is not too far behind.

And howdy. It seems like everyone's getting out of their comfort zone. These new connectivity and pharmacological features are as new and different for the customer as it is for vendors. The needs assessment and vendor selection process has been turned on its head.

Based on conversations I've had the FDA is indeed watching, they take their role in protecting the public seriously indeed. Conversely, there doesn't seem to be much interest in extending their regulatory mandate beyond its current scope. But Matthew is right, things are changing. If the industry adapts with embracing best practices and new standards, this prospective regulatory burden can be avoided. But if the industry chooses to stick with the “tried and true” approach of the past (sadly, a tendancy of health care) we're in for some radical changes.

Its a good time to be a connectologist!

[Hat tip: FierceHealthcare]

Share
Read More

Grand Rounds 2:14

Posted by on Jan 2, 2006 in Uncategorized | 0 comments

I was remiss last week to note that there's a great “Best of 2005″ Grand Rounds over at Matthew Holt's The Health Care Blog. Go check it out.

Share
Read More