There have been a couple of news articles this week relating to security in medical technology.
The first (computerworld) identifies the risks of running software on legacy unsupported hardware, which is the case for many computer managed devices installed in hospitals over a decade ago.
The cost of this equipment prohibits regular upgrades and highlights the need for low cost alternatives, such as smartphone apps.
The second (wired, bbc) shows a lax attitude towards data protection, ignoring the HIPAA requirement for encryption of data on device, in transit, and at rest on the server.
Health Tech companies need to design apps from the ground up with security in mind.
