|
Podslurping and Medical Data Safety
 One of the most interesting
giveaways at this year's MD&M West was a press kit on a USB
flash drive. Users could simply plug the drive into an open USB port
on their computers and download the materials to their hard drives.
Pretty convenient, right? What's even better is that the flash drive
can be used again to later store and transport other data.
This technology also has its down side, though. Devices like the
one handed out at the show could put medical data at risk for theft.
There's even a term for it: podslurping. It's when a large portable
memory device, such as an iPod or USB flash drive, is connected to a
computer and "slurps" data from behind a firewall.
 Podslurping could have major
repercussions for the medical community. Commonly used security
measures, such as antivirus software and firewall protection, are
designed to keep external users from infecting or stealing networked
data. What these security systems can't do, however, is prevent
internal staff from plugging in a high-capacity portable memory
device and downloading a patient's clinical or financial data to it.
And current "plug and play" functionality in Windows makes it very
easy for any network user to do just that.
Regulatory agencies are just beginning to focus attention on this
new twist on data theft. According to John Murray, software
compliance expert at CDRH, FDA hasn't yet written anything to
specifically address the issue. "However, we do need to figure out
what kind of risk this represents to medical devices," he says.
The greater challenge is in complying with the Health Insurance
Portability and Accountability Act (HIPAA). The HIPAA security rule
doesn't directly address the use of external memory devices.
However, the ruling does state that "reasonable and appropriate
safeguards" need to be maintained in order to protect medical data.
And what is considered to be "appropriate" can change, based on
advances in data transfer and storage technology.
Many major corporations are still in the early stages of
implementing measures to combat podslurping. To help in the process,
several companies offer software that specifically targets external
memory devices. Programs such as Reflex Magnetics's Disknet Pro and Centennial
Software's DeviceWall enable network administrators to restrict
access to USB, serial, and parallel ports, as well as CD, DVD, and
floppy drives. Wireless ports that use WiFi or Bluetooth
connectivity can also be put on lockdown. But just like any security
system, these only work if you use them.
In light of this threat, it's extremely important for the medical
device industry to be proactive. Medical OEMs need to consider the
safety of patient data when developing computer hardware and
software to support their products. And developers of network data
systems in healthcare facilities need to work closely with
customer's IT departments and networking specialists to ensure the
integrity of all patient data. Otherwise, we could all be at
risk.
Corinne Litchfield
Associate Editor,
MPMN
 Products from the MPMN
Mailbox
The editors of MPMN receive hundreds of press releases on
medical device components each week. Read on for what we thought
were the most eye-catching products and services that have recently
come across our desk.
Molded Rubber Parts
Mechanical Torque Limiter
Heating Circuits
ac/dc Switching Power Supply
Continuous-Flex Ethernet Cables
E-Newsletter Exclusive
Design Kits Teach Engineers about Heaters, Sensors
Two
design kits give engineers an opportunity to experiment with a
company's technology. Read more
Read more news features in the March 2006 issue of
MPMN.
 New Online Feature: Ask the
Expert
Your company's question about electronic components could appear
in a new MPMN online feature! The MPMN Web site now includes an Ask
the Expert segment, in which we will have an expert in the month's
designated field answer readers' questions. For our feature focusing
on electronic components, we invite you to submit questions either
soliciting our expert's opinion on an important issue or trend in
the field, or seeking a factual answer to a problem in the industry.
Your question and company name will be prominently displayed in the
online feature, accompanied by our expert's response. Submitting a
question is as easy as clicking here.
Subscribe to MPMN
Getting signed up to receive MPMN is easier than ever. Click here to start your subscription today!
Send Us Your Feedback!
We'd like to hear your comments on this e-newsletter. Please send
all correspondence to mpmn@cancom.com
Canon Communications LLC
c/o Medical
Product Manufacturing News magazine
11444 W. Olympic Blvd.
Los
Angeles, CA 90064
| 
