Medical device security? Forget hackers, think 'hand-washing'

Simply put, security control considerations were "not really part of some of these early medical devices," said Kevin Fu, associate professor of electrical engineering and computer science at University of Michigan. But many of those very medical devices are still in wide use at hospitals across the U.S. Fu has been a longtime researcher into device security. He routinely sees potentially dangerous faults in implants and bedside devices, he said Wednesday at Healthcare IT News' Privacy & Security Forum in Boston. By way of example, he pointed to one local hospital that had "600 Windows XP boxes in deployment." To his astonishment, he was told by one hospital staffer that many were unpatched.