270 research outputs found

    MedDevRisk: Risk Analysis Methodology for Networked Medical Devices

    The prolific integration of technology into medical environments is continuously generating new attack vectors. This continuous amalgamation of technology into the medical field prompted the idea that risk assessment models can be utilized to identify cyber security vulnerabilities in medical settings. This research presents an initial investigation into the application of risk assessment frameworks, i.e., STRIDE, Common Vulnerabilities and Exposures, and a Common Vulnerability Scoring System to identified networked medical devices that are currently employed in an operational medical simulation lab. The contribution of this research is twofold and culminates in a novel proof-of-concept system known as MedDevRisk. First, it demonstrates an approach to incorporating existing threat models into a relational database schema based on Threat-Vulnerability-Asset (TVA) relationships. Second, it provides an initial empirical analysis of the risk associated with networked medical devices along with providing the foundation for future research.

    Digital Pharmacovigilance: the medwatcher system for monitoring adverse events through automated processing of internet social media and crowdsourcing

    Thesis (Ph.D.)--Boston University. Half of Americans take a prescription drug, medical devices are in broad use, and population coverage for many vaccines is over 90%. Nearly all medical products carry risk of adverse events (AEs), sometimes severe. However, pre-approval trials use small populations and exclude participants by specific criteria, making them insufficient to determine the risks of a product as used in the population. Existing post-marketing reporting systems are critical, but suffer from underreporting. Meanwhile, recent years have seen an explosion in adoption of Internet services and smartphones. MedWatcher is a new system that harnesses emerging technologies for pharmacovigilance in the general population. MedWatcher consists of two components, a text-processing module, MedWatcher Social, and a crowdsourcing module, MedWatcher Personal. With the natural language processing component, we acquire public data from the Internet, apply classification algorithms, and extract AE signals. With the crowdsourcing application, we provide software allowing consumers to submit AE reports directly. Our MedWatcher Social algorithm for identifying symptoms performs with 77% precision and 88% recall on a sample of Twitter posts. Our machine learning algorithm for identifying AE-related posts performs with 68% precision and 89% recall on a labeled Twitter corpus. For zolpidem tartrate, certolizumab pegol, and dimethyl fumarate, we compared AE profiles from Twitter with reports from the FDA spontaneous reporting system. We find some concordance (Spearman's rho = 0.85, 0.77, 0.82, respectively, for symptoms at MedDRA System Organ Class level). Where the sources differ, milder effects are overrepresented in Twitter. We also compared post-marketing profiles with trial results and found little concordance. MedWatcher Personal saw substantial user adoption, receiving 550 AE reports in a one-year period, including over 400 for one device, Essure.
We categorized 400 Essure reports by symptom, compared them to 129 reports from the FDA spontaneous reporting system, and found high concordance (rho = 0.65) using MedDRA Preferred Term granularity. We also compared Essure Twitter posts with MedWatcher and FDA reports, and found rho = 0.25 and 0.31 respectively. MedWatcher represents a novel pharmacoepidemiology surveillance informatics system; our analysis is the first to compare AEs across social media, direct reporting, FDA spontaneous reports, and pre-approval trials.

    Analyzing Adverse Events from Publicly Available Web Sources

    Data mining for drug-reaction associations is a major topic in the pharmaceutical industry. Historically the focus has been on using privately owned and maintained datasets consisting of information that has been transformed via the FDA Adverse Event Reporting System (FAERS) and privatized reporting systems that house the data from clinical trials. Our focus will be on building a pipeline that demonstrates an open source solution for building a drug’s safety profile from data collection through signal detection. In contrast this pipeline primarily uses the openFDA and social media data available through Reddit with all analysis being done in the R statistical programming language. The aim was to collect the information available in these public sources and apply popular data mining methodologies used to identify and predict the occurrence of adverse events. The results show the ability of the openFDA and social media sites to create real-time drug safety occurrence profiles by applying the same statistical methods applied in clinical trials. Social media will be shown to provide the best results when applied to prescribed daily use medications compared to common over-the-counter drugs or last line of defense medications. The information and results reported in this paper are not intended or implied to be a substitute for professional medical advice, diagnosis, or treatment. Do not delay seeking medical treatment or advice because of something you have read in this paper

    Data-driven resiliency assessment of medical cyber-physical systems

    Advances in computing, networking, and sensing technologies have resulted in the ubiquitous deployment of medical cyber-physical systems in various clinical and personalized settings. The increasing complexity and connectivity of such systems, the tight coupling between their cyber and physical components, and the inevitable involvement of human operators in supervision and control have introduced major challenges in ensuring system reliability, safety, and security. This dissertation takes a data-driven approach to resiliency assessment of medical cyber-physical systems. Driven by large-scale studies of real safety incidents involving medical devices, we develop techniques and tools for (i) deeper understanding of incident causes and measurement of their impacts, (ii) validation of system safety mechanisms in the presence of realistic hazard scenarios, and (iii) preemptive real-time detection of safety hazards to mitigate adverse impacts on patients. We present a framework for automated analysis of structured and unstructured data from public FDA databases on medical device recalls and adverse events. This framework allows characterization of the safety issues originated from computer failures in terms of fault classes, failure modes, and recovery actions. We develop an approach for constructing ontology models that enable automated extraction of safety-related features from unstructured text. The proposed ontology model is defined based on device-specific human-in-the-loop control structures in order to facilitate the systems-theoretic causality analysis of adverse events. Our large-scale analysis of FDA data shows that medical devices are often recalled because of failure to identify all potential safety hazards, use of safety mechanisms that have not been rigorously validated, and limited capability in real-time detection and automated mitigation of hazards. 
To address those problems, we develop a safety hazard injection framework for experimental validation of safety mechanisms in the presence of accidental failures and malicious attacks. To reduce the test space for safety validation, this framework uses systems-theoretic accident causality models in order to identify the critical locations within the system to target software fault injection. For mitigation of safety hazards at run time, we present a model-based analysis framework that estimates the consequences of control commands sent from the software to the physical system through real-time computation of the system’s dynamics, and preemptively detects if a command is unsafe before its adverse consequences manifest in the physical system. The proposed techniques are evaluated on a real-world cyber-physical system for robot-assisted minimally invasive surgery and are shown to be more effective than existing methods in identifying system vulnerabilities and deficiencies in safety mechanisms as well as in preemptive detection of safety hazards caused by malicious attacks

    Risk Assessment Framework for Evaluation of Cybersecurity Threats and Vulnerabilities in Medical Devices

    Medical devices are vulnerable to cybersecurity exploitation and, while they can provide improvements to clinical care, they can put healthcare organizations and their patients at risk of adverse impacts. Evidence has shown that the proliferation of devices on medical networks present cybersecurity challenges for healthcare organizations due to their lack of built-in cybersecurity controls and the inability for organizations to implement security controls on them. The negative impacts of cybersecurity exploitation in healthcare can include the loss of patient confidentiality, risk to patient safety, negative financial consequences for the organization, and loss of business reputation. Assessing the risk of vulnerabilities and threats to medical devices can inform healthcare organizations toward prioritization of resources to reduce risk most effectively. In this research, we build upon a database-driven approach to risk assessment that is based on the elements of threat, vulnerability, asset, and control (TVA-C). We contribute a novel framework for the cybersecurity risk assessment of medical devices. Using a series of papers, we answer questions related to the risk assessment of networked medical devices. We first conducted a case study empirical analysis that determined the scope of security vulnerabilities in a typical computerized medical environment. We then created a cybersecurity risk framework to identify threats and vulnerabilities to medical devices and produce a quantified risk assessment. These results supported actionable decision making at managerial and operational levels of a typical healthcare organization. Finally, we applied the framework using a data set of medical devices received from a partnering healthcare organization. We compare the assessment results of our framework to a commercial risk assessment vulnerability management system used to analyze the same assets. 
The study also compares our framework results to the NIST Common Vulnerability Scoring System (CVSS) scores related to identified vulnerabilities reported through the Common Vulnerability and Exposure (CVE) program. As a result of these studies, we recognize several contributions to the area of healthcare cybersecurity. To begin with, we provide the first comprehensive vulnerability assessment of a robotic surgical environment, using a da Vinci surgical robot along with its supporting computing assets. This assessment supports the assertion that networked computer environments are at risk of being compromised in healthcare facilities. Next, our framework, known as MedDevRisk, provides a novel method for risk quantification. In addition, our assessment approach uniquely considers the assets that are of value to a medical organization, going beyond the medical device itself. Finally, our incorporation of risk scenarios into the framework represents a novel approach to medical device risk assessment, which was synthesized from other well-known standards. To our knowledge, our research is the first to apply a quantified assessment framework to the problem area of healthcare cybersecurity and medical networked devices. We would conclude that a reduction in the uncertainty about the riskiness of the cybersecurity status of medical devices can be achieved using this framework

    Mobile Design For Adverse Event Reporting And Pharmacovigilance

    Patient safety is concerned with protecting patients from errors, injuries, accidents, and infections. It is also concerned with capturing adverse events and understanding their severity. Reporting of adverse events helps prevent poor patient outcomes in their acute phase. Another way of dealing with adverse events is by preventing them through the practice of monitoring the effects of drugs, medical devices including the detection, assessment, and understanding of an adverse event; this approach is called pharmacovigilance. Design Science framework was used for creating two mobile design solutions in the field of arthroplasty: one for the adverse event reporting and the other one for the pharmacovigilance. User centered design was utilized to understand requirements, context, and possibilities of managing and retrieving information of relevance for patient safety. Firstly, a mobile design for reporting of adverse events has proposed user interface to enable entry of data specific for knee and hip implants. Besides that, the system supports entry of the adverse event, its classification (serious, non-serious), its follow-up. Safety reports can be initiated and retrieved on request and depending on the adjudication of the event. Suspected severe events should be followed up and reported internally as well as to the national regulatory authorities until they are resolved and concluded. Expert evaluation of the first design solution was performed using a low-fidelity prototype. It has shown that design was relevant, straightforward, done in a way that official reporting would commence. Some users were positive to the reporting; some felt it would demand more work. The second design was focused on pharmacovigilance which seemed to be more appealing to the target group. It deals with the safety of medical devices (implants) by understanding the risks and dangers already reported by other clinicians or researchers.
Internet resources such as the Manufacturer And User Facility Device Experience (MAUDE) web-site are often retrieved due to the lack of internal, local safety databases. The designed mobile solution for pharmacovigilance was based on the web system called WebBISS (Web-based implant search system) using HCI approach. The goal was not only to improve usability, but also to stimulate physicians to enter their safety data and become contributors, and not only users of information. The expert evaluation has been positive and encouraged developing stronger help and error reporting functions regarding the mobile application. Master's thesis in Information Science (INFO390, MASV-INF).

    The Mobile Health Revolution?

    Rarely does a class of technologies excite physicians, patients, financiers, gadgeteers, and policymakers alike. But mobile health — the use of mobile devices like smartphones and tablets for health or medical purposes — has captured our collective imagination. Observers predict that mobile health, also referred to as “mHealth” or “medical apps,” can save millions of lives, billions in spending, and democratize access to health care. Proponents argue that mobile health technologies will transform the ways in which we deliver, consume, measure, and pay for care; disrupting our sclerotic health care system. This Article evaluates mobile health and its many ambitions. Given the significant hype surrounding mobile health, I try to provide a relatively sober, dispassionate review of the many claims here. I begin by surveying the universe of mobile health technologies, offering a typology of products based on their functions, many of which have regulatory significance. The Article then considers the federal government’s posture towards mobile health. To date, Congress and over half a dozen federal agencies have addressed mobile health. Contrary to the prevailing wisdom, federal regulators are sympathetic, not hostile, to these technologies. However, I demonstrate how one agency, the U.S. Food and Drug Administration (FDA), is repeating the same mistakes that it made when it first confronted medical device software 25 years ago, relying on nonbinding guidance documents that are largely weak and unenforceable. I argue that, somewhat counter-intuitively, mobile health will only reach its immense potential if regulators like the FDA provide meaningful oversight. Otherwise, users will be flooded with mobile technologies that are ineffective, or worse, unsafe.

    Clinical Studies Conducted Over The Total Product Life Cycle Of High-Risk Therapeutic Medical Devices Receiving US Food And Drug Administration Premarket Approval In 2010 And 2011

    The US Food and Drug Administration (FDA) approves high-risk medical devices, those that support or sustain human life or present potential unreasonable risk to patients, via the Premarket Approval (PMA) pathway. In recent years, the FDA has begun shifting premarket evidentiary requirements to the postmarket period as part of a broader effort to continually evaluate device safety and effectiveness throughout the total product life cycle. We therefore sought to characterize the clinical evidence generated for high-risk therapeutic devices over the total product life cycle. In October 2014, we identified all clinical studies of high-risk therapeutic devices receiving initial market approval via the PMA pathway in 2010 and 2011 through ClinicalTrials.gov and publicly available FDA documents. Studies were characterized by type (pivotal, studies that served as the basis of FDA approval; FDA-required postapproval studies [PAS]; or manufacturer/investigator-initiated); premarket or postmarket; status (completed, ongoing, or terminated/unknown); and design features, including enrollment, comparator, and longest duration of primary effectiveness end point follow-up. We identified 286 clinical studies of the 28 high-risk therapeutic devices which received initial marketing approval via the PMA pathway in 2010 and 2011: 82 (28.7%) premarket and 204 (71.3%) postmarket, among which there were 52 (18.2%) nonpivotal premarket studies, 30 (10.5%) pivotal premarket studies, 33 (11.5%) FDA-required PAS, and 171 (59.8%) manufacturer/investigator-initiated postmarket studies. Six of 33 (18.2%) PAS and 20 of 171 (11.7%) manufacturer/investigator-initiated postmarket studies were reported as completed. No postmarket studies were identified for 5 (17.9%) devices; 3 or fewer were identified for 13 (46.4%) devices overall. 
Median enrollment was 65 patients (interquartile range [IQR], 25-111), 241 patients (IQR, 147-415), 222 patients (IQR, 119-640), and 250 patients (IQR, 60-800) for nonpivotal premarket, pivotal, FDA-required PAS, and manufacturer/investigator-initiated postmarket studies, respectively. Approximately half of all studies used no comparator (pivotal: 13/30 [43.3%]; completed postmarket: 16/26 [61.5%]; ongoing postmarket: 70/153 [45.8%]). Median duration of primary effectiveness end point follow-up was 3.0 months (IQR, 3.0-12.0), 9.0 months (IQR, 0.3-12.0), and 12.0 months (IQR, 7.0-24.0) for pivotal, completed postmarket, and ongoing postmarket studies, respectively. In conclusion, among high-risk therapeutic devices approved via the FDA PMA pathway, total product life cycle evidence generation varied in both the number and quality of premarket and postmarket studies, with approximately 13% of initiated postmarket studies completed between 3 and 5 years after FDA approval