Fwd: Heart Surgery Stalled For Five Minutes Thanks To Errant Anti-Virus Scan
5 views
Skip to first unread message
admf...@gmail.com
May 14, 2016, 11:14:24 PM5/14/16
to ALUG
More blue screen of death
------- Forwarded message -------
From: "Karl Bode" <>
To:
Cc:
Subject: Heart Surgery Stalled For Five Minutes Thanks To Errant
Anti-Virus Scan
Date: Fri, 13 May 2016 14:35:00 -0400
If you've ever had the pleasure of simply asking one medical outfit to
transfer
your records to another company or organization, you've probably become
aware of
the sorry state of medical IT. Billions are spent on medical hardware and
software, yet this is a sector for which the fax machine remains the
pinnacle of
innovation and a cornerstone of daily business life. Meanwhile, getting
systems
to actually communicate with each other appears to be a bridge too far.
And this
hodge podge of discordant and often incompatible systems can very often
have
very real and troubling implications for patients.
For example, one patient recently undergoing a heart transfer had the
procedure
interrupted for five full minutes after a PC connected to an essential
piece of
monitoring equipment began a scheduled anti-virus scan:
"According to one such report filed by Merge Healthcare in February, Merge
Hemo
suffered a mysterious crash right in the middle of a heart procedure when
the
screen went black and doctors had to reboot their computer. Fortunately,
the
patient was sedated, and the doctors had five minutes at their disposal to
wait
for the computer to finish rebooting, start the Merge Hemo application
again,
and complete their procedure without any health risks for the patient."
Fortunate, since "death by shitty hospital IT support" doesn't sound like a
particularly fun way to go. The filing with the FDA by the company in
question (Merge)
notes that the blame was the fault of the hospital's IT support, who
ignored
software instructions that state the folders being used by Merge's software
should always be whitelisted from any anti-virus platforms:
"Merge investigated the issue and later reported to the FDA that the
problem
occurred because of the antivirus software running on the doctors'
computer. The
antivirus was configured to scan for viruses every hour, and the scan
started
right in the middle of the procedure. Merge says the antivirus froze
access to
crucial data acquired during the heart catheterization. Unable to access
real-time
data, the app crashed spectacularly."
Here's the thing: aging systems and shoddy medical IT support are the
least of
the medical industry's problems. The biggest problem continues to be that
medical technology security remains little more than an afterthought,
leaving
underfunded IT support frequently outgunned. That has resulted in a major
wave
of ransomware attacks that in some instances have actually forced
hospitals to
revert to using paper only while they get sorted out (underfunded school
systems
have been having a dramatic uptick in similar attacks).
And as Internet of Things companies push hospitals to embrace even more
sophisticated technologies, you can expect things to get worse. After all,
this
is a sector that can't even secure doorbells, refrigerators, thermostats
or even
tea kettles. What could possible go wrong as these technologies are
introduced
into an already marginally-competent medical IT sector?
Permalink | Comments | Email This Story
https://www.techdirt.com/articles/20160506/07161334360/heart-surgery-stalled-five-minutes-thanks-to-errant-anti-virus-scan.shtmlFull
article
------- Forwarded message -------
From: "Karl Bode" <>
To:
Cc:
Subject: Heart Surgery Stalled For Five Minutes Thanks To Errant
Anti-Virus Scan
Date: Fri, 13 May 2016 14:35:00 -0400
If you've ever had the pleasure of simply asking one medical outfit to
transfer
your records to another company or organization, you've probably become
aware of
the sorry state of medical IT. Billions are spent on medical hardware and
software, yet this is a sector for which the fax machine remains the
pinnacle of
innovation and a cornerstone of daily business life. Meanwhile, getting
systems
to actually communicate with each other appears to be a bridge too far.
And this
hodge podge of discordant and often incompatible systems can very often
have
very real and troubling implications for patients.
For example, one patient recently undergoing a heart transfer had the
procedure
interrupted for five full minutes after a PC connected to an essential
piece of
monitoring equipment began a scheduled anti-virus scan:
"According to one such report filed by Merge Healthcare in February, Merge
Hemo
suffered a mysterious crash right in the middle of a heart procedure when
the
screen went black and doctors had to reboot their computer. Fortunately,
the
patient was sedated, and the doctors had five minutes at their disposal to
wait
for the computer to finish rebooting, start the Merge Hemo application
again,
and complete their procedure without any health risks for the patient."
Fortunate, since "death by shitty hospital IT support" doesn't sound like a
particularly fun way to go. The filing with the FDA by the company in
question (Merge)
notes that the blame was the fault of the hospital's IT support, who
ignored
software instructions that state the folders being used by Merge's software
should always be whitelisted from any anti-virus platforms:
"Merge investigated the issue and later reported to the FDA that the
problem
occurred because of the antivirus software running on the doctors'
computer. The
antivirus was configured to scan for viruses every hour, and the scan
started
right in the middle of the procedure. Merge says the antivirus froze
access to
crucial data acquired during the heart catheterization. Unable to access
real-time
data, the app crashed spectacularly."
Here's the thing: aging systems and shoddy medical IT support are the
least of
the medical industry's problems. The biggest problem continues to be that
medical technology security remains little more than an afterthought,
leaving
underfunded IT support frequently outgunned. That has resulted in a major
wave
of ransomware attacks that in some instances have actually forced
hospitals to
revert to using paper only while they get sorted out (underfunded school
systems
have been having a dramatic uptick in similar attacks).
And as Internet of Things companies push hospitals to embrace even more
sophisticated technologies, you can expect things to get worse. After all,
this
is a sector that can't even secure doorbells, refrigerators, thermostats
or even
tea kettles. What could possible go wrong as these technologies are
introduced
into an already marginally-competent medical IT sector?
Permalink | Comments | Email This Story
https://www.techdirt.com/articles/20160506/07161334360/heart-surgery-stalled-five-minutes-thanks-to-errant-anti-virus-scan.shtmlFull
article
Reply all
Reply to author
Forward
0 new messages