Although Illumina has yet to receive any reports that this vulnerability has been exploited, according to a letter to healthcare providers from the US Food and Drug Administration , bad actors can take control of equipment, change software and patient test results, or infringe on provider rights. network and data filtering is protected.
WHY IT IMPORTANT
The FDA issued a statement on Thursday to healthcare providers and laboratory workers about the required actions to take to reduce cybersecurity risks in accountability tools. by Illumina – MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000 and NovaSeq 6000.
According to the Cybersecurity and Infrastructure Agency’s medical advice, the cybersecurity vulnerability affects the universal replication service in different versions of device driver and driver software.
The FDA is urging gene device owners to review emergency medical device recall notices or product quality notices for researchers sent on April 5, install the patch, and contact Contact Illumina for assistance or to report suspected device compromise.
The agency noted that some laboratories may be using Illumina gene sequencing devices for clinical diagnostic use.
Illumina just rang the bell at the Nasdaq MarketSite in Times Square on March 30, according to its website.
The 25-year-old genomics company supports researchers and providers of genetics programs, such as those at Children’s Mercy Research Institute working on Genomic Answers for Children. Children.
“The more than 9,500 researchers and clinicians we serve are using these incredible scientific advances to transform human health in ways,” said Susan Tousi, commercial director of Illumina. which 25 years ago was unthinkable.
“It’s like diagnosing a rare disease in a few days. Or, catch the deadliest cancers at Stage 1 or Stage 0… or use genetics to fight climate change.”
Illumina said the GA4K program in Kansas City, Missouri aims to marshal 30,000 children and their parents, and announced a recent milestone of providing more than 1,000 rare disease diagnoses to children. family.
TREND TO BIGGER
In addition to the FDA and CISA, the Federal Bureau of Investigation is also calling on healthcare organizations to stay at the forefront of medical device cybersecurity.
The agency said risks stemming from outdated software and lack of security features in older hardware in working, unpatched medical devices are increasingly being targeted. Vulnerabilities can affect patient safety, confidentiality, and integrity of data, and disrupt the delivery of care.
Genomic data is of particular concern in a data breach.
A notable cyber breach by the neurology department of Massachusetts General Hospital exposed protected health information, including genetic information, of about 10,000 people.
According to one Washington Post In terms of genetic data risk, the stakes are likely highest at the geopolitical level. Last year, when French President Emmanuel Macron met Russian President Vladimir Putin, Macron refused to be tested for the Russian coronavirus and they sat at opposite ends of a dining table that could comfortably seat 18-20 people, WaPo noted. idea.
The National Center of Excellence in Cybersecurity at the National Institute of Standards and Technology recently published a draft internal report on genomic data cybersecurity describing how the data can be used to surveillance, oppression and blackmail of the population.
The NCCoE said current policies, guidelines and technical controls do not adequately address these risks and accepted public comment on the report through April 3.
The characteristics of genomic data compared with other high-value datasets pose a number of privacy and cybersecurity challenges, respectively, that have not been adequately addressed, the NCCoE said in a statement. with current policies, guidelines and technical controls”.
ON PROFILE
“FDA is working with Illumina and coordinating with CISA to identify, communicate, and prevent adverse events related to this cybersecurity vulnerability,” the agency said in a letter to service providers. health care service.
“FDA will continue to notify healthcare providers and laboratory personnel if new or additional information becomes available.”
Andrea Fox is the senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS Media.
