MedTech Dive June 24, 2021
Nick Paul Taylor

Dive Brief:

  • The Office of Inspector General has found Medicare lacks consistent cybersecurity oversight of networked medical devices in hospitals. Without proper cybersecurity controls, these devices can be compromised with the potential for patient harm, according to OIG. 

  • CMS’ survey protocol is devoid of requirements for networked device cybersecurity. OIG’s review revealed Medicare accreditation organizations (AOs) that could use their discretion to assess cybersecurity during hospital surveys rarely use that power.

  • The shortcomings in oversight led OIG to recommend that CMS works with HHS and others to address cybersecurity as part of its quality oversight of hospitals. CMS concurred with the need to consider ways to highlight cybersecurity but OIG wants the agency to go further.


Today's Sponsors


Today's Sponsors

Crossover Health

Today's Sponsor

Institute for Healthcare Improvement

Topics: Cybersecurity, Govt Agencies, Health IT, Insurance, Medical Devices, Medicare, OIG, Provider, Survey / Study, Technology, Trends
CMS considers making medical device cybersecurity part of hospitals' Medicare accreditation reviews
Medicare Lacks Cybersecurity Oversight for Hospital-Based Networked Medical Devices, HHS OIG Finds