Category: Software security

The effectiveness of access controls in clinical data exchange

Sharepoint or not. Hint – not. Transferring a dump of clinical trial data?  It was recently suggested to us by a data manager, that he could share the clinical data using their Sharepoint server.   This is a very bad idea. It’s possible that the data manager’s IT manager has secured their Sharepoint server with best […]

Killed by code – back to the future

I hope that the code in your digital therapeutic for treating autistic children, doesn’t look like this. Back in 2011, I thought it would only be a question of time before we have a drive by execution of a politician with an ICD (implanted cardiac device). In Jan 9, 2017 FDA reported in a FDA Safety […]

A word to Teva on firing employees and assuring data security

To be able to do something before it exists, sense before it becomes active, and see before it sprouts. The Book of Balance and Harmony (Chung-ho chi). A medieval Taoist book In early December 2017, the Israeli pharmaceutical generics company Teva announced it would lay off about 1,700 of its employees in Israel, who make up […]

What is more important – patient safety or hospital IT?

What is more important – patient safety or the health of the enterprise hospital Windows network?  What is more important – writing secure code or installing an anti-virus? A threat analysis was performed on a medical device used in intensive care units.  The threat analysis used the PTA (Practical threat analysis) methodology. Our analysis considered […]

The top 5 things a medical device vendor should do for HIPAA compliance

We specialize in software security assessments, FDA cyber-security and HIPAA compliance for medical device vendors in Israel. The first question that every medical device vendor CEO asks us is “What is the fastest and cheapest way for us to be HIPAA-compliant”? So here are the top 5 things a medical device vendor should do in order to […]

Shock therapy for medical device malware

Israel has over 700 medical device vendors.  Sometimes it seems like half of them are attaching to the cloud and the other are developing mobile apps for all kinds of crazy, innovative applications like Healthy.io ( Visual Input Turned Into Powerful Medical Insight – translation: an app that lets you do urine analysis using your smart phone). […]

Software in Medical Devices – Update

We have previously written about various aspects of the software development process, especially, the verification and validation activities in implanted and invasive medical devices. Here is  an update on what is happening in the regulatory arena and how the regulatory groups are checking up on what we are doing. Software Recalls 2012 The estimate for software recalls […]

The mistakes you will make on your next cloud project

Are you considering cloud security in the abstract or cloud security in your software? Looking at cloud security issues in the abstract, we see 4 areas of concern: Mobility of Resources and multi-tenancy Identity and access management Data protection Incident response and assessment When choosing a cloud solution for your business application, it is easy […]

Bionic M2M: Are Skin-mounted M2M devices – the future of eHealth?

In the popular American TV series that aired on ABC in the 70s, Steve Austin is the “Six million Dollar Man”, a former astronaut with bionic implants. The show and its spinoff, The Bionic Woman (Lindsay Wagner playing a former tennis player who was rebuilt with bionic parts similar to Austin after a parachuting accident) […]