The Heart Rhythm Society Releases Communication Strategies for Cybersecurity Threats to Cardiovascular Implantable Electronic Devices

The Heart Rhythm Society Releases Communication Strategies for Cybersecurity Threats to Cardiovascular Implantable Electronic Devices

BOSTON, MA--The Heart Rhythm Society (HRS) will release communication recommendations to assist healthcare professionals to understand and prepare for potential cybersecurity vulnerabilities of cardiovascular implantable electronic devices (CIEDs). The proceedings statement outlines four key communication themes: when to notify patients, whom to notify, how to communicate with patients, and what elements to discuss with patients. The statement will be presented on Thursday, May 10, at Heart Rhythm 2018, the Heart Rhythm Society's 39th Annual Scientific Sessions.  

The relative novelty of cybersecurity threats in CIEDs is raising questions among patients and the heart rhythm care community. The rapidly changing health care environment and increasing global interconnectivity expose information technology to vulnerabilities. Hackers can potentially use these vulnerabilities to gain unauthorized access to medical equipment. 

The proceedings statement includes detailed guidance on patient-centered communication strategies when a specific threat is identified. The authors first call for an assessment of the threat by experts from manufacturers and U.S. federal agencies. If a vulnerability is validated, the discussion between the health care professional and patient should include five topics: 

  • Potential consequences if the vulnerability is exploited
  • Strategies to mitigate the risks
  • Technical challenges to exploit the vulnerability
  • Long-term solutions to eliminate the threat
  • Benefits provided by the CIED compared with the risk if the vulnerability is exploited 

The authors note that if the claim of a new vulnerability is released directly to the public, instead of directly to the manufacturer or the U.S. Food and Drug Administration (FDA), there is the potential for a period of uncertainty and anxiety during the evaluation of the claim. U.S. federal agencies and manufacturers must rapidly assess both the validity of the claim and the potential risks to patients to prevent improper action or exploitation of the situation.  

"As we look ahead and plan for ways to deal with potential risks to CIEDs, preparedness is the best approach," said lead author David Slotwiner, MD, FHRS, New York-Presbyterian Queens.

"Like other technology such as smartphones or computers, device software needs to be regularly updated. As health care professionals, we are inclined to first address hardware issues with the battery or leads, but the software is equally important. The health care community must reach a point where routine software updates are considered the standard of care to minimize the threat and ultimately eliminate risks." 

The authors also state the importance of managing patient expectations at the time of implant.  Patients should know that CIEDs will require software updates until the battery is depleted. By educating patients prior to CIED implant and in advance of a threat announcement, patients will have a better understanding of the systems and be more prepared to respond to a potential vulnerability. HRS will work with its partners to help educate health care professionals on best practices for patient-centered conversations and mechanisms to minimize cybersecurity risks.

The statement captures the proceedings of the 2017 Leadership Summit on Cybersecurity Vulnerabilities: Communications Strategies for Clinicians and Patients that was attended by patient representatives, subject matter experts, HRS and American College of Cardiology (ACC) leadership, FDA and Federal Bureau of Investigation (FBI) officials, and leadership from CIED manufacturers.

SOURCE: Heart Rhythm Society

Mission & Vision

The mission of the Sudden Cardiac Arrest (SCA) Foundation is to prevent death and disability from sudden cardiac arrest. The vision of the SCA Foundation is to increase awareness about sudden cardiac arrest and influence attitudinal and behavioral changes that will reduce mortality and morbidity from SCA.

SCA Newsletter

Sign Up with the SCA Foundation News in order to stay informed! (* required field)

Contact Us

The Sudden Cardiac Arrest Foundation would like to hear from you! If you have questions or comments — Contact Us!

724-625-0025

Sudden Cardiac Arrest Foundation
7500 Brooktree Road
Wexford, PA 15090

Copyright © 2018 Sudden Cardiac Arrest Foundation. All Rights Reserved.

Web Design & Development, & Web Hosting By FastWebEngine