As if health care entities don’t have enough to worry about  during this chaotic and difficult time in the pandemic, a new report released by Cynerio, entitled “The State of IoMT Device Security 2022,” provides a list of medical devices that are considered Internet of Things, and therefore dubbed Internet of Medical Things (IoMT) that pose risks to patient care.

IV pumps pose the highest risk. According to the report, “a whopping 73% of those IV pumps have a vulnerability that would jeopardize patient safety, data confidentiality or service availability if it were to be exploited by an adversary.”

Another dire statistic is that “More than half of connected medical and other IoT devices in hospitals have a known critical vulnerability….A third of bedside health care IoT devices, the devices closest to patient care that patients most depend on for optimal health outcomes, have an identified critical risk.”

According to the report, there are measures health care entities can take to address these risks, including quarantine and segmentation. The report provides a robust discussion on IoMT now and in the future.

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.