Category: Risk mitigation

  • Killed by code – back to the future

    I hope that the code in your digital therapeutic for treating autistic children, doesn’t look like this. Back in 2011, I thought it would only be a question of time before we have a drive by execution of a politician with an ICD (implanted cardiac device). In Jan 9, 2017 FDA reported in a FDA Safety […]

  • A word to Teva on firing employees and assuring data security

    To be able to do something before it exists, sense before it becomes active, and see before it sprouts. The Book of Balance and Harmony (Chung-ho chi). A medieval Taoist book In early December 2017, the Israeli pharmaceutical generics company Teva announced it would lay off about 1,700 of its employees in Israel, who make up […]

  • How do you know that your personal health data is secure in the cloud?

    Modern system architecture for medical devices is a triangle of Medical device, Mobile app and Cloud services (storing, processing and visualizing health data collected from the device).  This creates the need for verifying a chain of trust: patient, medical device, mobile app software, distributed interfaces, cloud service software, cloud service provider. No get out of jail free card if […]

  • Why Google is a bad idea for security and compliance

    Dear consultant, I worry because so many of the best practices documents I read say that we need to store data in the cloud in Canada if we do business in Canada. See page 19 here – Health privacy in Canada Sincerely – consumer healthcare product manager Dear consumer healthcare product manager – First of all. […]

  • Kick start your European privacy compliance

    The CNIL’s Sanctions Committee issues a 150 000 € monetary penalty to GOOGLE Inc. On 3 January 2014, the CNIL’s Sanctions Committee issued a 150 000 € monetary penalty to GOOGLE Inc. upon considering that the privacy policy implemented since 1 March 2012 does not comply with the French Data Protection Act. It ordered the company […]

  • Software in Medical Devices – Update

    We have previously written about various aspects of the software development process, especially, the verification and validation activities in implanted and invasive medical devices. Here is  an update on what is happening in the regulatory arena and how the regulatory groups are checking up on what we are doing. Software Recalls 2012 The estimate for software recalls […]

  • Is cyber security and mobile device management important in the healthcare industry?

    Is cyber security and mobile device management important in the healthcare industry? Healthcare and technology go hand in glove more than almost any other sector in today’s business world. This statement is true today and will remain so into the future. Patient records form just one element of the vast mountain of data that is stored and […]

  • Debugging security

    There is an interesting analogy between between debugging software and debugging the security of your systems. As Brian W. Kernighan and Rob Pike wrote in “The Practice of Programming” As personal choice, we tend not to use debuggers beyond getting a stack trace or the value of a variable or two. One reason is that it is […]

  • Encryption, a buzzword, not a silver bullet

    Encryption,  buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider 4 encryption components on the server side: passwords, tables, partitions and  inter-tier socket communications. In these 4 components of a application / database server encryption policy, note that some countermeasures are […]

  • Ten steps to protecting your organization’s data

    Here are 10 steps  to protecting your organization’s privacy data and intellectual property. As a preface, begin with the understanding that you already have all the resources you need. Discussions with colleagues in a large forensics accounting firm that specialize in anti-fraud investigations, money laundering and anti-terror funding (ATF), confirm what I’ve suspected for a […]

1 2 3 6
Next Page