Integrate Biomedical Device Management With IT

A programmatic approach to enhancing security, efficiency and collaboration.

Analyst Perspective

Prioritize security for the convergence of biomedical device management and IT.

Medical devices in hospitals are often old, hard to see, and unprotected from vulnerabilities and hacking. Legacy medical devices were never designed to be connected, let alone secured, on today’s digital networks, which poses a unique cybersecurity risk that can directly endanger patient privacy and safety. With the rise of connected devices, there is an increase in risks and security concerns. The network effects associated with connected platforms make medical device security a pressing issue. In most hospitals, biomedical device management oversight sits under facilities management and is not integrated with the organization’s IT department, which limits the capability for effective visibility and security monitoring of these devices.

The convergence of biomedical device management with IT is a growing trend in healthcare organizations and the most viable solution to achieve the needed level of maturity and capability for end-to-end biomedical device management. Coordination and planning across the organization and its leadership is required to obtain stakeholder buy-in and support. It is important to understand the current state of biomedical device management, trends, connected device vulnerabilities, and benefits of integrating with IT.

Sharon Auma-Ebanyat Research Director, Healthcare Industry Practice Info-Tech Research Group

Executive Summary

Your Challenge

Connected medical devices increase security concerns. Increasingly connected devices with increasing risks and security concerns. Vulnerability assessment and remediation is an ongoing concern.

Small processes can have big risks. Asset management, configuration management, and support are now health-critical functions with a low tolerance for failure.

Biomedical departments have a broad organizational reach. Achieving the needed level of maturity and capability for end-to-end biomedical device management requires coordination and planning across the organization and its leadership. Obtaining stakeholder buy-in and support is critical.

Common Obstacles

Healthcare organizations do not have a current state assessments and complete active inventory of all their current biomedical devices, processes, statuses, and capabilities for transition into IT.

Not having enough staff to do the assessments, planning, remediation, and implementation. Restructuring will be required for the new program.

Not having the appropriate asset and configuration management tracking systems and databases in place to track monitor and manage the biomedical device environment.

Info-Tech’s Approach

Understand the current state of biomedical device management, trends, connected device vulnerabilities, and benefits of integrating with IT.

Develop an integrated biomedical device management program :

• Create the program vision.
• Conduct a current state.
• Define the future state.
• Design the biomedical device management program roadmap.

Leverage Info-Tech’s Biomedical Device Management Maturity Assessment Tool to determine your organization’s readiness.

Info-Tech Insight

Integrating biomedical device management with IT enhances efficiency, improves patient safety, optimizes resource use, and strengthens data security in healthcare settings.

Biomedical device management and IT convergence is inevitable

This research is designed to help healthcare organizations who are facing these challenges and need to:

• Integrate biomedical device management with IT operations due to increasingly connected devices with increasing risks and cybersecurity concerns, where vulnerability assessment and remediation is an ongoing concern.
• Achieve the needed level of maturity and capability for end-to-end biomedical device management across their organizations.
• Reduce the risks in asset management configuration support that are increasingly becoming health-critical functions with a low tolerance for failure in the event of a cybersecurity threat.

The global number of connected devices is set to exceed 50 billion in the next decade. The United States (US) has an average of 10 to 15 million connected devices and an average of 10 to 15 connected devices per patient bed. (Source: IBM, 2020)

Current medical devices are outdated and vulnerable

20% — 1 in 5 connected medical devices run on outdated/unsupported operating systems. (Source: Health IT Security, 2023)

53% of connected medical devices are vulnerable to cybersecurity attacks. (Source: Insider Intelligence, 2023)

The growth of internet of medical things (IoMT) increases risks

IoMT is defined as "the collection of medical devices and applications that connect to healthcare information technology systems through online computer networks. Medical devices equipped with Wi-Fi enable the machine-to-machine communication that is the basis of IoMT." (TechTarget, 2023).

IoMT includes hospital equipment, wearable technology, and other remote monitoring tools to collect and monitor environmental and biometric data. This creates an opportunity to transform clinical patient care creating seamless workflows and tracking of patient data; however, these devices also pose a high risk as entry points to hackers to infiltrate healthcare organizations.

Market Trends

Increased connectivity. By 2025 almost 68% of medical devices will be connected or connectable to a healthcare system in the hospital (Healthcare IT News, 2020).

Increased adoption. Globally, the US is predicted to generate the largest revenue, estimated at US$8,283.00 million in 2023, due to the rising adoption of smart medical devices and remote patient monitoring systems by hospitals (Statista, 2023).

Strong growth. The market is forecasted to exhibit an annual growth rate of 12.32% (CAGR 2023-2028), resulting in a market size of US$167.70 billion by 2028 (Statista, 2023).

Drivers of the Technology

Advancements in sensor technology, miniaturization, and connectivity solutions are enabling the development of more sophisticated and affordable medical devices, making IoMT more accessible to healthcare providers and patients.

Increasing demand for remote patient monitoring and diagnosis due to rising prevalence of chronic diseases and the increase in demand and use of virtual care services.

Breadth of IoT and IoMT cyberattacks in healthcare organizations in the US from 2020 to 2022

(Source: Statista, 2023)

Info-Tech Insight

The diversity of IoMT devices, with their own distinct communication protocols and formats, will make it more challenging to integrate with hospital systems and to effectively secure from cybersecurity threats.