Connectivity and Hackability

Connectivity and Hackability

It is somewhat ironic that Hospira and Cerner announced a new collaboration on Hospira’s infusion pumps and Cerner’s EHR given that Hospira has recently had more than its share of attention with respect to asserted LifeCare and Symbiq pump cybersecurity vulnerabilities. This attention included a notice from the Department of Homeland Security as well as from the FDA (here and here). I found it of interest that despite the widespread hype around these notices there has been no recall of these pumps for the related issues. Instead advice was given to transition away from their use, mitigate the risks by some technical changes, and await Hospira’s updates.

Share
Read More

Some Funky Cybersecurity Math

Some Funky Cybersecurity Math

Assessing the magnitude and significance of cyber threats has at least two important purposes. One is to determine the extent of measures that have been or should be taken to respond to or counter the threat. This is part of the rational deployment of resources across the multiple risks that we face, whether cyber or otherwise. In this regard it is simply not possible or necessary to respond to all risks with equal vigor. A second purpose can be to communicate threat significance to or among interested parties. For such communication there is a tendency to reduce complex, multifaceted issues to a simple broad summary word, e.g., the threat level is “Guarded”. Such simplicity is possibly attractive but not necessarily meaningful with regard to what to do with the information communicated.

Share
Read More

DHHS OIG Work Plan Targets Networked Devices

DHHS OIG Work Plan Targets Networked Devices

The Office of the Inspector General (OIG) of the U.S Department of Health and Human Services has released a report (pdf) outlining its 2015 work plan.  Among a host of subjects is “Information Technology Security, Protected Health Information, and Data Accuracy” with the subsection “Controls over networked medical devices at hospitals”. The focus here is on the security of  patient electronic health information which is to be protected under law. Other risks associated with device networking are not addressed.

Share
Read More

FDA Takes Step Backwards with New MDDS Guidance

FDA Takes Step Backwards with New MDDS Guidance

This summer, FDA proposed lifting regulations from certain currently regulated medical devices. This unprecedented policy shift targets devices known as Medical Device Data Systems (MDDS) and is intended to benefit the mobile app industry and companies like Google, Apple and others. The current regulatory burden for MDDS devices is Class I, 510(k) exempt. This means manufacturers have to follow a basic quality system (i.e., design controls) on par with ISO9001, and report instances of patient injury or death in addition to any product recalls to FDA.

The following is a guest blog post embodied in an abridged version of a comment submitted to FDA in response to their draft guidance.

Share
Read More

Messaging Middleware Growth Strategies

Messaging Middleware Growth Strategies

Developing and launching a competitive product, and getting initial traction in the market are not inconsiderable milestones. And yet for the entrepreneur and their investors, this is just the beginning. What was record setting last quarter is barely acceptable this quarter, and next quarter had better be back on track.

Developing a solid plan for growth depends on two things: a good understanding of the basic means to drive growth, and a deep understanding of the market. This post seeks to combine both of these in a brief survey of the key factors to drive messaging middleware revenue growth in health care. We’re going to consider three basic growth strategies: organic growth, product line extension, and the roll-up strategy.

Share
Read More

Messaging Middleware Market Segmentation & Adoption

Messaging Middleware Market Segmentation & Adoption

The previous post in this series suggested a set of characteristics to define the messaging middleware market and described the typical product architecture for these systems. In this post, we’ll look at ways the market may be segmented and how the market is adopting these systems.

Market Segmentation

Market segmentation is the dividing of a broader market into subsets of potential buyers who have common market requirements who then become the target for your product, sales and marketing. Using my favorite market adoption model, Geoffrey Moore’s Crossing the Chasm, this is the bowling alley strategy. Software developers in the messaging middleware market are currently pursuing a variety of market segments or bowling alleys.

Share
Read More