
PHILIPS

by EOS Intelligence

Recall Aftermath: Who is Gaining Share in the Sleep Apnea Devices and Ventilators Market?

In recent years, the number of ventilator recalls has increased considerably, primarily due to product quality issues, software malfunction, and manufacturing defects. This affected manufacturers such as Philips, Medtronic, and Vyaire Medical, leading to brand damage, financial losses, and a shift in the market competition. Existing players and new entrants such as Getinge and Nihon Kohden are stepping in to fill the gap with innovative and non-invasive products. The recalls caused challenges for manufacturers and patients, highlighting the need for strong quality control and regulatory oversight.

Recalls of its sleep apnea devices and ventilators hit Philips the hardest

The medical device industry has recently experienced many product recalls, particularly in the ventilators segment, impacting major market players such as Philips, Medtronic, Baxter, GE Healthcare, Hamilton Medical, and Vyaire Medical.

Philips (Philips Respironics) faced a series of class I respiratory product recalls, including CPAP and BiPAP machines, and ventilators, due to health risks caused by the polyester-based polyurethane (PE-PUR) sound abatement foam breakdown in the devices. Industry experts consider Philips’ sleep apnea devices and ventilator recalls among the most significant since 2021. As of January 2024, the company experienced a recall of over 15 million sleep apnea devices and ventilators, and reportedly hundreds of deaths. The recall seriously hurt the company’s reputation, weakened its position in the market, and caused significant financial problems.

The recalls led to a decline in the company’s share price by 60-70% in 2021, and it is still about 50% lower than its peak in April 2021 (US$ 53.45). Comparable sales of the connected care segment, including sleep apnea devices and ventilators, declined by about 19% in 2021 in comparison to 2020. This happened primarily due to sleep apnea devices and ventilators recalls, and the normalization of demand for hospital ventilators and monitoring systems following the COVID-19 surge. Recalls continued to drive down ventilator and sleep apnea device sales in 2022 and 2023.

The considerable impact on sleep apnea devices and ventilator sales resulted in a decline in Philips’ share in the sleep apnea device market, dropping to an estimated 20% between 2021 and 2023 from over 30% before the recall. The company also experienced a notable decline in market share in the ventilators market. Despite the decline in market share, Philips maintained its position as one of the leading players in both the sleep apnea devices and ventilators market.

However, in January 2024, Philips agreed to halt the sales of 19 sleep and respiratory products in the USA as a part of the consent decree with the US Department of Justice (DOJ). These products included hospital ventilation, certain home ventilation, sleep diagnostic devices, and portable and stationary oxygen concentrators. This affected the company’s brand image greatly and resulted in a further loss of market share in both ventilators and sleep apnea devices markets. Since the company will continue to sell consumables and accessories, including masks, it is anticipated to maintain a portion of its market share in both segments.

In April 2024, the company agreed to pay US$1.1 billion in legal settlement to resolve injury-related cases caused by sleep apnea devices and ventilators in the USA. Overall, sleep apnea device recalls cost the company over US$5 billion, likely including charges such as provisions for Philips Respironics-related litigation, consent decree, remediation costs, legal settlements, workforce restructuring, and quality remediation action. In addition, Philips cut 6,600 jobs by 2023 and is likely to reduce its workforce by a total of 10,000 by 2025.

Several companies bore the brunt of their own ventilator recall setbacks

Other prominent manufacturers such as Drägerwerk (Draeger), Medtronic, Vyaire Medical, Hamilton Medical, and Baxter also experienced various ventilator recalls due to manufacturing and quality defects. Although the FDA classified these recalls as serious, these companies did not face the same severe consequences as Philips, as these recalls did not result in major injuries.

All these manufacturers also witnessed a drop in ventilator sales largely due to the stabilization of demand for ventilators following the COVID-19 surge, with product recalls also contributing to the downturn.

In February 2024, Medtronic completely exited the ventilator market due to unprofitability. Similarly, in June 2024, Vyaire Medical filed for bankruptcy and was subsequently acquired in October 2024 by Zoll, an Asahi Kasei company engaged in the manufacturing of medical devices and related software solutions. This caused a profound impact on the ventilators market.

Market players are introducing products with advanced features to gain market share

The ventilator market encountered a radical shift in competition due to numerous product recalls. The suspension of sleep and respiratory product sales cost Philips its leading market position in sleep apnea devices and ventilators (except for certain home ventilators). It remains unclear when or if Philips will be able to resume sales of these devices. However, the company is unlikely to exit the sleep apnea devices and ventilators market entirely due to its commitment to service and supply of parts of ventilators in use, as well as its decision to continue the sale of consumables and accessories.

Existing market players such as Getinge, Hamilton Medical, Drägerwerk (Draeger), ResMed, and GE Healthcare, and newer entrants such as Nihon Kohden, are likely to fill in the gap left by Philips, Medtronic, and Vyaire Medical in the USA.

Market players such as Getinge, Drägerwerk (Draeger), and Nihon Kohden are focusing on introducing technologically advanced ventilators with features such as enhanced patient comfort, advanced monitoring capabilities, portability, and adaptive ventilation modes, to grab a slice of the pie. They are also increasingly focusing on expanding their portfolio of non-invasive ventilators with different interfaces, including face masks, nasal masks, helmets, and mouthpieces.

For instance, in October 2024, Nihon Kohden introduced a new ventilator system that combines invasive and non-invasive ventilation and high-flow oxygen therapy in one device, offering adaptability and eliminating the need to switch between machines. It also features a customizable, app-based touchscreen interface with advanced monitoring capabilities. Similarly, in January 2024, Getinge introduced ‘Servo-air Lite’, a non-invasive ventilator with high-flow therapy that offers optimal respiratory support, enhanced patient comfort, and ease of use for clinicians.

ResMed, a leading player in both the sleep apnea devices and ventilators market, is estimated to have grabbed over 10% of Philips’ market share in the sleep apnea devices market in the USA. ResMed witnessed a substantial increase in demand for its sleep and respiratory care products, including sleep apnea devices and ventilators, for various reasons, including Philips’ product recalls. The demand for its sleep and respiratory care products in the USA, Canada, and Latin America increased by 16%, 25%, and 10% in 2022, 2023, and 2024, respectively.

Companies engaging in sleep apnea devices and ventilator rentals, sales, and distribution, such as Trace Medical, also started adding brands from different companies to their product mix to meet the demand for these devices.

Patients experience delays in treatment and struggle to switch to other brands

Philips’ foam degradation issue has exposed patients to severe health risks, leading to respiratory complications and even cancer. Recalls of many ventilators and sleep apnea devices have left hospitals struggling to replace them, causing delays in patient treatment.

Patients relying on a specific brand faced reduced treatment options. Many patients found it difficult to switch to other brands due to cost and differences in machine settings or interfaces. With Philips halting sales of various sleep apnea devices and ventilators, patients have no choice but to switch to other brands.

The recall of various products from different companies has created significant demand and supply chain pressures for existing companies. These pressures will likely drive up ventilator and sleep apnea device prices, further burdening patients.

EOS Perspective

Product recalls in the sleep apnea devices and ventilator segment brought quality issues to the limelight. This highlights the need for stronger quality control processes and technologically advanced sleep apnea devices and ventilators incorporating virtual monitoring and AI integration, which can help detect defects earlier.

While the FDA received complaints about the degradation of the sound abatement foam in Philips’ sleep apnea devices and ventilators before the recall initiation, decisive action to force correction was not taken immediately. Also, despite knowing that Philips had been aware of the foam degradation issue for many years, the FDA did not take stronger enforcement measures against the company sooner. This situation highlights the importance of assessing and enhancing the FDA’s oversight process to ensure timely response to medical device complaints.

Philips suffered lasting brand damage due to the recalls. Although the company is trying to regain shareholder and consumer trust after settling US claims for an amount much lower than anticipated (US$2-5 billion) by analysts and the public, it faces a long road ahead.

Regarding market competition, ResMed is estimated to continue to lead and strengthen its dominant position in the sleep apnea devices market. The exit of well-established players from the ventilator market will intensify competition among existing companies and new entrants seeking to capture market share. However, it will be a gradual process as customers slowly transition from existing products to those of new brands. On top of that, the new entrants are likely to face stricter regulatory norms and product approval processes aimed at reducing the number of product recalls and enhancing patients’ safety.

by EOS Intelligence

Personalized Image-Guided Therapy: Medicine’s New Crystal Ball?

Precision and personalized care are becoming the keys to unlocking better patient care in modern medicine. With personalized medicine image-guided therapy (IGT) systems offering physicians better control over therapy decisions, the healthcare industry hopes discomfort and uncertainty will give way to reliability and healing.

IGT enhances surgical precision and treatment management

IGT is an approach that uses various imaging technologies to plan, perform, and evaluate surgical procedures and treatments. There are two main groups: traditional surgeries enhanced by imaging technology and newer procedures that use imaging and specialized instruments to treat internal organs and tissues without surgery.

The IGT systems, such as Dutch Philips’ Azurion and American Varian’s Halcyon, help improve minimally invasive procedures by offering real-time imaging support during interventional techniques, especially in cardiology and oncology. They also aid in precise navigation and treatment delivery.

Azurion’s IGT system offers various clinical suites, including Coronary, Onco, and Neuro suites, tailored to a particular surgery. This customization can make a surgeon’s work easier. Many IGT systems also integrate with hemodynamic systems and similar interventional tools that give surgeons more information.

On the other hand, advanced imaging platforms such as the 1788 visualization platform by US-based Stryker, TIVATO 700 by Germany-based Zeiss, and VISERA ELITE II by US-based Olympus specifically work in open surgical settings, providing high-definition imaging that enhances visibility during more invasive procedures.

IGT employs imaging modalities and technological innovations for disease management

The most commonly used imaging modalities in IGT are X-rays, ultrasound, MRI, and CT scans, which provide detailed cross-sectional images of the body. Other supporting technologies include angiography, ultrasound, tracking tools, surgical navigation systems, and integration software.

IGT also offers invaluable insights into disease diagnosis and management of minimally invasive procedures. Significant advancements have been made in this field in recent years owing to developments and integration of innovations such as artificial intelligence (AI), big data, deep learning, sensor fusion, and advanced signal processing.

IGT and advanced visualization systems complement each other in cancer surgeries

Applying advanced visualization systems for open cancer surgeries adds a competitive aspect to the image-guided therapy landscape. Systems such as Stryker’s 1788 have the potential to be a viable option in low-resource environments or hybrid surgical settings. Such facilities may view it as a cost-effective and simpler substitute for comprehensive IGT systems for certain cancer surgeries.

The competition could also intensify in niche applications where minimally invasive tumor resection overlaps with interventional oncology. This is especially true for hospitals that aim for a one-stop surgical solution without high investment in IGT infrastructure.

However, the IGT systems have a different clinical role, being particularly effective in procedures such as catheter-based interventions or radiotherapy, where accurate imaging is extremely critical. Therefore, the competition may be nuanced, depending on the specific surgical approach, as the two technologies could also complement each other by providing tailored solutions for distinct surgical techniques and scenarios.

IGT sector is rapidly growing in minimally invasive and specialized procedures

The IGT market has seen rapid development, especially in the post-pandemic era. The global IGT systems market was US$5.5 billion in 2023 and is estimated to reach US$8.9 billion by 2032, according to an India-based market research firm, IMARC. The company also forecasts the market to grow at a CAGR of 5.4% from 2024 to 2032.

Several factors drive this growth, including IGT’s ability to offer better health outcomes in treating severe conditions such as cancer, its application in treating old age-related conditions, such as stroke and vessel blockage, and the surge in demand for minimally invasive procedures.

Rising cancer cases are boosting sector growth

The American Cancer Society estimates that approximately 20 million new cancer cases were diagnosed, and 9.7 million people died from cancer worldwide. The number of cancer cases is expected to reach 35 million by 2050. The high prevalence of cancer has increased the need for innovative treatment options with limited damage to healthy cells. Oncologists and patients are now opting for IGT, such as image-guided surgeries and radiotherapy, to treat cancers, including severe and complex ones.

For example, hepatocellular carcinoma, the most common liver cancer, is a challenging disease to treat. A 2010 study published in Insights into Imaging, a peer-reviewed open-access journal, indicated that due to the advanced stage of the disease at diagnosis and limited donor availability, only 10–15% of HCC patients are eligible for surgical resection or liver transplantation. Surgical options are primarily reserved for patients with solitary, asymptomatic HCC and well-preserved liver function without significant portal hypertension or elevated bilirubin levels. Also, systemic chemotherapy has largely been ineffective for HCC.

Image-guided procedures can offer doctors detailed imaging data to aid diagnosis, patient risk assessment, and treatment planning during the early detection stages. Image-guided catheter-based techniques are used for treating larger lesions or more extensive liver involvement seen in intermediate-stage HCC, and ablative procedures are employed for early-stage HCC.

Minimally invasive image-guided therapies can also extend survival, preserve more healthy liver tissue (crucial for cirrhotic patients), allow for potential retreatment, and serve as a bridge to transplantation.

Growing geriatric population is also contributing to sector expansion

The rising geriatric population is also driving the need for image-guided therapies. The UN estimates there were 761 million people aged 65 or older globally in 2021. This number is expected to rise to 1.6 billion in 2050. Age is a significant factor in determining the likelihood of developing serious conditions such as cancer. According to the National Cancer Institute (NCI), the average age of individuals diagnosed with cancer is 66, indicating approximately half of all cancer cases are diagnosed in people aged 66 and older.

Older people are also at a higher risk of suffering from severe post-procedural complications, especially in the case of invasive surgeries. IGT-supported therapies, especially minimally invasive surgeries, can help doctors treat geriatric patients with limited adverse effects.

Advancements in minimally invasive procedures and cancer radiotherapy are on the rise

The rising demand for minimally invasive procedures is another factor driving the increasing adoption of IGT systems. A 2015 study published in JAMA Network, an open-access medical journal, indicated that minimally invasive surgeries have fewer postoperative complications, provide better outcomes, and reduce healthcare costs. This has prompted many physicians and patients to choose IGT system-based minimally invasive therapies in treating complicated conditions that may otherwise require longer hospital stays and repeat visits.

The growing number of developments in cancer radiotherapy is also an important factor propelling the IGT market forward. AI in radiation therapy enhances the accuracy and precision of treatment. In image-guided radiotherapy (IGRT), AI-based algorithms are used to analyze images taken during treatment and make adjustments to the treatment plan in real time. This enables clinicians to target tumors with greater precision, reduce the amount of irradiated healthy tissue, and improve treatment outcomes.

Several premier institutions, such as Cancer Research UK, London-based Medical Research Council (MRC), and US-based Stanford Medicine, are involved in cancer radiotherapy research to develop cancer imaging, diagnostics, and minimally invasive treatment platforms. With the radiotherapy market likely to reach US$12.51 billion by 2029, according to a 2024 report by India-based market research firm Mordor Intelligence, these efforts can contribute to the growth of the IGT sector.

IGT therapies allow for prompt and low-risk interventions

The introduction of IGT into personalized medicine has had a crucial impact on patient outcomes. IGT enables healthcare professionals to diagnose and treat serious conditions more rapidly. This prompt initiation of treatment reduces the risks associated with delayed interventions.

An example of an IGT system offering better treatment management is Philips’ Azurion Lung Edition, a 3D imaging and navigation platform that streamlines the diagnosis and treatment of lung cancer. The system combines tableside CT-like images with real-time X-ray guidance and advanced tools to support guided procedures. It is specifically designed for bronchoscopy procedures and enables clinicians to perform minimally invasive biopsy and lesion ablation in a single procedure. This reduces the need for additional procedures and speeds up diagnosis.

IGT systems also offer precise, real-time visualization of the therapy site, enabling highly targeted interventions. This level of accuracy can minimize complications and failures during procedures. For example, IGRT used in cancer treatment enables oncologists to precisely target tumors while sparing healthy tissues, reducing side effects and boosting treatment success rates. Surgeons also better comprehend spatial relationships between the tumor and vital organs or blood vessels when they can access high-resolution images highlighting the essential structures during the procedure.

Minimally invasive nature of IGT therapies minimizes complication and disability risks

IGT procedures are minimally invasive in nature. This reduces the trauma caused by the procedure, reducing the risk of complications. Patients can recover faster from IGT procedures, reducing hospital stays and lowering the likelihood of hospital-acquired infections and other potential complications. A 2022 study published in the National Library of Medicine’s (NLM) online portal indicated that image‐guided procedural techniques reduce risks, prompt faster recovery, and shorten hospital stays.

IGT’s minimally invasive nature also reduces the risk of disability post-treatment. In the case of complicated surgeries such as brain tumor removal, surgeons use techniques such as intraoperative MRI (iMRI) to get a detailed map of the tumor and surrounding brain structures before and during surgery. This allows for more precise resection of the tumor and reduces the risk of injury to critical brain areas, thereby lowering the possibility of neurological damage and associated disabilities. A 2014 article published in NLM’s online portal indicated that using iMRI improved surgical outcomes, including increased tumor resection and survival rates and decreased risk of neurological deficits.

IGT systems offer interventional tools supporting surgeons in complex procedures

Advanced IGT systems now come with integrated interventional tools, which can be especially beneficial during complex or delicate procedures. For example, Azurion, an IGT platform developed by Philips, has interventional tools integrated into the imaging system. It offers procedure cards that allow clinicians to pre-program routine tasks and preferences, as well as an interface for performing various procedures in interventional labs.

Integrations such as these can help surgeons make informed and data-driven decisions during procedures, allowing them to make mid-procedure adjustments. Such flexibility is crucial, particularly in complex surgeries or when treating conditions such as cardiovascular diseases.

High development costs and cybersecurity issues hinder adoption

Despite offering numerous benefits to patients, the developers of IGT systems face several challenges.

Huge R&D costs and market competition are impacting new players

The significant financial burden of research and development in this field is one major obstacle for companies, especially newer ones entering the market with limited budgets. Developing advanced imaging technology that seamlessly integrates with therapeutic tools requires substantial investments in software and hardware.

Also, these systems require continuous refinement to ensure optimal accuracy and adaptability, as they must be able to accommodate diverse patient anatomies and conditions. This is a time-consuming and costly process. Consequently, only established companies with significant R&D budgets may be able to compete in the market.

Not just the R&D budget but also leading players’ brand equity is a significant challenge for new players trying to enter the IGT systems market. The newer entrants face intense competition from established players such as Philips, GE Healthcare, and Siemens. These companies have been in the market for years and have a strong foothold in terms of market share and brand recognition. This can make it challenging for new players to establish themselves in the sector, limiting innovation and market growth.

New companies can attempt to tackle this and make inroads into the market by forming partnerships with hospitals and public health initiatives to drive the adoption of their IGT systems.

High upfront costs are affecting the widespread adoption of IGT devices

The IGT devices’ market prices reflect the high R&D costs. Almost all IGT systems have high upfront costs. For example, an interventional radiology suite can cost anywhere from US$1 million to over US$3 million, depending on its sophistication. This can make acquiring and implementing IGT systems prohibitively expensive for many healthcare providers, particularly smaller or publicly funded organizations.

While healthcare providers can pass on the cost to patients, it can also cause many other challenges. Even with insurance coverage, some patients may not be able to afford certain procedures or treatments when the out-of-pocket expenses are significant. Consequently, this can reduce the overall demand for IGT devices, negatively impacting sales for manufacturers.

Companies can try tackling this issue by offering price flexibility and discounts for large orders or entering into long-term contracts with healthcare providers to help maintain demand. They may also offer leasing or subscription-based payment models instead of selling devices outright. This could encourage purchases by healthcare providers, allowing them to spread out the costs over time and lighten the upfront financial burden on patients.

Cybersecurity challenges are threatening patient care and security

Another significant challenge in adoption is cybersecurity and data management issues. A 2024 fact sheet by the US Office of the Director of National Intelligence indicated that there has been a 128% increase in healthcare ransomware attacks in 2023 over 2022 in the USA. As a result of these attacks, American hospitals have faced disruptions to medical procedures, patient care, and operations, including delayed procedures, diverted patients, rescheduled appointments, and strained acute care provisioning.

IGT systems generate and store vast amounts of imaging and procedural data on the cloud. Any security breach can lead to privacy leaks and misuse of patient data. Attackers can also maliciously embed images or reports and manipulate medical images, thereby delaying procedures and patient care and causing loss of life. This complexity often leads to hesitation in adoption, particularly for institutions that lack the necessary IT infrastructure.

Many companies are addressing this issue by creating devices with secure design and defense-in-depth approaches. An example is Philips’ Azurion, which offers six-layer protection to combat cyberattacks.

EOS Perspective

IGT systems promise to improve patient outcomes and revolutionize healthcare in the long run, particularly in treating serious medical conditions such as cancer. While there are some challenges to address in order to strengthen widespread adoption, with rapid developments underway in technologies such as AI and augmented reality, IGT can play a greater role in disease treatment in the coming years.

Currently, studies are underway using AI and machine learning to predict the response to minimally invasive image-guided therapies. Similarly, AI-based algorithms are also being developed to monitor tumor motion, reduce treatment uncertainty, and improve treatment precision.

One promising direction new entrants can push for is more portable and cost-effective IGT solutions. Research to miniaturize imaging devices and develop affordable hardware could make IGT systems more accessible to a broader range of healthcare providers, even those in remote areas, thereby expanding the market. Also, as costs come down and standardization improves, hospitals and clinics of varying sizes will be more likely to invest in IGT technologies.

In the short term, larger, well-funded players are likely to continue to lead the way in adopting and refining IGT systems. These companies have the resources to invest in technology and training, enabling them to push the boundaries of personalized medicine. However, as the technology matures and becomes more affordable, smaller players will increasingly be able to capture a market share.

by EOS Intelligence

Prescribing Security: Diagnosing and Treating the IoT Universe in Healthcare

The integration of the Internet of Things (IoT) into the healthcare industry has significantly transformed the delivery of medical services, enhanced patient experiences, and revolutionized medical practices. While the benefits of IoT are undeniable, there are challenges that come with its adoption. Issues such as device hacking and data breaches pose significant obstacles that must be addressed. Therefore, it is essential for device manufacturers to design medical devices with caution. By taking a proactive approach and investing in robust cybersecurity measures during the design and development phases, manufacturers can create devices that are more secure and less vulnerable to hacking.

IoT has revolutionized the healthcare industry by enabling medical devices to connect and communicate with each other, as well as with healthcare providers and patients. These devices utilize cloud computing and collect valuable data in real time, allowing for remote monitoring, timely interventions, and personalized care.

The average hospital room worldwide has an estimated 15 to 20 interconnected medical devices. This number is steadily increasing due to the rising adoption of internet-connected devices. The market for IoT medical devices is close to US$40 billion as of 2023. With exponential growth, it is likely to cross US$150 billion over the next five years. This upward trajectory is geared towards reducing healthcare systems’ costs, enhancing patient care, and streamlining clinician workflows.

Healthcare organizations are not immune to cybersecurity breaches

Amid this inevitable growth in adoption, it is crucial to prioritize the security of medical devices to protect patients’ lives, safety, and privacy. While these devices have the potential to streamline and improve treatment, they also pose significant risks due to their susceptibility to cyberattacks.

According to a 2019 report by Fierce Healthcare, 82% of healthcare organizations experienced cyberattacks targeting IoT devices. Moreover, about 53% of medical and IoT devices in hospitals had vulnerabilities. Cybercriminals have homed in on the healthcare industry as a prime target, capitalizing on its perceived lack of robust cybersecurity protocols.

Healthcare bleeds out money without a cybersecurity cure

According to IBM’s Cost of a Data Breach 2023 report, the average cost of a cyberattack in the healthcare industry is US$4.45 million per breach, marking a 2.3% increase from the previous year’s average cost of US$4.35 million.

This significant uptick in costs since 2020, when the average overall cost of a data breach was US$3.86 million, represents a substantial 15.3% increase over three years. This growth underscores the importance of prioritizing cybersecurity measures to protect sensitive patient data and ensure the safety and integrity of medical devices in healthcare settings.

Unaddressed IoT challenges in medical devices lead to unauthorized access

Despite the many potential benefits of IoT medical devices in healthcare, the lack of adequate security measures continues to be one of their main challenges. Many devices do not have robust encryption protocols or authentication mechanisms, making them easy targets for hackers.

These vulnerabilities could potentially be exploited to gain unauthorized access to patient information or manipulate the device to deliver harmful treatments. As these devices become more interconnected with other healthcare systems, the potential for cyberattacks only increases, posing a serious threat to patient safety.

Prescribing Security Diagnosing and Treating the IoT Universe in Healthcare by EOS Intelligence

Hackers endanger patients’ health and lives

Hackers can exploit vulnerabilities in IoT medical devices to gain access to sensitive patient information, alter treatment settings, or sabotage critical systems. This poses a grave threat to patient safety and privacy, as well as the overall integrity of healthcare infrastructure. Furthermore, since IoT devices are interconnected, a breach in one device could potentially compromise the entire network, leading to widespread disruptions and chaos in healthcare delivery.

One example of such a breach occurred in 2019 at Springhill Medical Centre in the USA, where a ransomware attack disabled patient monitors for several days, leading to a substantial impact on patient care. A lawsuit has been filed, alleging that the disabled monitoring devices led to an infant's death during delivery at the center.

IoT medical devices need improved security to match technological advancements

The rapid pace of technological advancements in IoT medical devices often outpaces the development of security protocols. New features and functionalities are constantly added to these devices to improve patient care.

However, these updates may also introduce additional security vulnerabilities that cybercriminals can exploit. Many healthcare providers struggle to keep up with these evolving threats and may not have the resources or expertise to effectively secure their IoT devices on an ongoing basis.

Diversity of IoT devices complicates securing healthcare environments

The healthcare environment is characterized by a diverse range of interconnected devices, often developed by various manufacturers with varying security protocols, making it difficult to implement a cohesive security strategy across all devices. This diversity complicates efforts to achieve comprehensive visibility and security, as each device may require distinct monitoring and protection strategies.

Additionally, the sheer number of devices in use within a healthcare facility can overwhelm IT teams responsible for monitoring and securing them, increasing the likelihood of overlooking potential security risks.

Limited downtime poses cybersecurity challenges

IoT medical devices are used continuously in real time, leaving little room for downtime. This lack of downtime poses a challenge for security teams, as they have limited time to analyze the devices and implement necessary patches to ensure their security.

The constant use of these devices in healthcare settings highlights the importance of finding a balance between security and functionality in order to safeguard sensitive patient data and uphold the integrity of the healthcare system.

Devices’ size and continuous connection result in insufficient battery support

Another challenge in the realm of IoT devices is related to their powering. Many of these devices use batteries, and their compact size restricts the capacity for large, durable batteries. They need to be constantly connected to transmit data, which continually drains power.

These devices’ limited power and memory make it difficult to incorporate encryption, continuous software updates, and authentication protocols that can protect sensitive patient information from hackers.

Durability of IoT medical devices poses a security risk

Additionally, IoT medical devices are engineered to have a long lifespan. Their durability can pose a security risk. Once a vendor ceases production or stops releasing updates for these devices, hospitals may continue to rely on outdated technology, making them vulnerable to cyberattacks.

Hospitals must play a role in safeguarding their IoT device systems

Securing healthcare IoT devices can be a complex task, but it is essential to implement a variety of solutions to guarantee their security.

Part of this responsibility lies on the healthcare institutions themselves. Hospitals must ensure regular software updates, avoid default settings, and provide comprehensive training to staff members. Healthcare providers must implement unique and multilayered login structures for every device, such as two-step logins, hard-coded passwords, firewalls, and fingerprint checks to ensure that patient information is securely stored.

Leading players’ solutions increase devices’ resilience to breaches

Advanced and complex security solutions

Prominent vendors, such as Medigate, Medcrypt, and Cynerio, provide advanced platforms designed to assist healthcare organizations in safeguarding their networks and connected medical devices.

These security vendors offer complex security solutions, including real-time threat detection, device monitoring, network activity visibility to medical device manufacturers, and vulnerability management solutions to enable healthcare providers to effectively identify and mitigate potential risks associated with their connected medical devices.

Detection and recovery plan

Cybersecurity providers are generally vigilant in offering detection and recovery services to safeguard medical assets and systems around the clock. In the event of a security breach, they must be able to swiftly implement response and recovery plans to mitigate the impact. With a focus on healthcare, they must be able to identify issues efficiently without overwhelming users with excessive information. They need to aim at taking instant action to restore normalcy as quickly as possible.

Network segmentation

Another important solution players should provide is network segmentation, which involves dividing devices into separate, private wireless networks to protect data in the event of a cyberattack. Firewalls and multi-factor authentication can achieve this. By segmenting the network into distinct zones, healthcare providers can isolate medical devices from other parts of the network, reducing the risk of a cyberattack spreading across the entire network. This segmentation also allows for more granular control over medical devices, limiting the potential for unauthorized access or tampering.

Modern network segmentation for medical devices now relies on technologies such as virtual LANs and subnets to keep up with advanced cyber threats. For instance, Cisco Systems, a multinational technology conglomerate, offers medical device security solutions whose key aspect is network segmentation. Cisco also provides specialized monitoring and analytics tools to assist healthcare organizations in detecting and responding to security incidents in real time. These tools can identify abnormal behavior on the network, alerting security teams to potential threats before they can cause harm.
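
A segmentation policy of this kind can be audited against observed traffic. The added example below (not from the article or from any vendor named in it) maps flow records to subnet-based zones and reports every flow that crosses a zone boundary without an allow-list entry; the zone names, addresses, ports and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed zone plan: one subnet per VLAN (assumed addressing, not from the article).
ZONES = {
    "medical_devices": ipaddress.ip_network("10.20.0.0/24"),
    "clinical_servers": ipaddress.ip_network("10.30.0.0/24"),
    "staff_workstations": ipaddress.ip_network("10.40.0.0/24"),
    "guest_wifi": ipaddress.ip_network("10.50.0.0/24"),
}

# Allow-list of (source zone, destination zone, destination port).
# Any other flow that leaves its own zone is treated as a violation.
ALLOWED = {
    ("medical_devices", "clinical_servers", 2575),   # assumed HL7 feed port
    ("staff_workstations", "clinical_servers", 443),
}

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.20.0.15", "10.30.0.5", 2575),    # monitor -> clinical server, allowed
    ("10.40.0.22", "10.30.0.5", 443),     # workstation -> clinical server, allowed
    ("10.50.0.77", "10.20.0.15", 23),     # guest Wi-Fi -> monitor
    ("10.20.0.15", "203.0.113.9", 443),   # monitor -> address outside all zones
    ("10.20.0.15", "10.20.0.16", 5000),   # inside the device segment
    ("10.40.0.22", "10.20.0.16", 22),     # workstation -> device
]

def zone_of(addr):
    """Name of the zone whose subnet contains addr, or 'external'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def audit(flows):
    """Return flows that cross a zone boundary without an allow-list entry."""
    violations = []
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz == dz and sz != "external":
            continue  # traffic inside one segment is out of scope here
        if (sz, dz, port) not in ALLOWED:
            violations.append((src, sz, dst, dz, port))
    return violations

def affected_devices(violations):
    """Map each medical device to the direction of its disallowed flows."""
    hits = {}
    for src, sz, dst, dz, _port in violations:
        if sz == "medical_devices":
            hits.setdefault(src, []).append("outbound")
        if dz == "medical_devices":
            hits.setdefault(dst, []).append("inbound")
    return hits

if __name__ == "__main__":
    for v in audit(FLOWS):
        print("violation:", v)
    print(affected_devices(audit(FLOWS)))
```

An inbound hit points to a gap in the segment boundary, while an outbound hit from a device to an unexpected destination is the kind of abnormal behavior worth escalating to the security team.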

AI technology and machine learning

IoT device security providers, such as IBM Corporation, Cylera, CyberMDX, Sternum, ClearDATA, and Palo Alto Networks, place emphasis on conducting comprehensive risk assessments during software validation to guarantee devices’ security. In the event of new cyberattacks, these providers inform stakeholders and offer solutions, such as security updates. They have integrated programs that utilize AI technology and machine learning to proactively manage risks and stay ahead of cybersecurity threats.

Security vendors contribute to IoT device safety protocols transformation

The cybersecurity industry is currently experiencing a surge of new companies that are transforming security protocols. Armis, a leading US-based asset intelligence cybersecurity company and provider of agentless device security solutions, is spearheading this movement.

Notably, Medtronic and Zimmer Biomet have incorporated Armis’ security platform into their products, such as insulin pumps and orthopedic devices. Armis offers the Armis Centrix platform, powered by the Armis AI-driven Asset Intelligence Engine. The platform has the capability to detect breaches, run routine security scans or updates, maintain asset visibility, identify blind spots, optimize resource allocation, and perform essential maintenance. Armis’ solutions encompass advanced threat intelligence and machine learning features, enabling the system to adapt to new and emerging threats. This proactive cybersecurity approach is essential in the healthcare sector, where any disruption or compromising of medical devices could have severe repercussions.

Collaboration is key to effectively managing cyberattacks

Collaboration between medical device manufacturers and cybersecurity vendors to combat IoT medical device hacking has great potential. It also facilitates the sharing of threat intelligence and best practices, enabling vendors and manufacturers to proactively address emerging threats and vulnerabilities. Their collaborative efforts center on safeguarding critical devices from cyber risks by implementing protective measures for both the devices and the data they collect.

Philips partnered with CyberMDX to create a vendor-neutral cybersecurity service

In November 2020, Philips, a prominent player in healthcare technology, partnered with CyberMDX, a cybersecurity expert specializing in medical devices. This partnership focused on enhancing the security of connected medical devices and systems, essential for protecting patient data and for the smooth operation of healthcare facilities.

Drawing from Philips’ industry expertise and CyberMDX’s cybersecurity solutions, together they provide vendor-neutral options to protect IoT medical devices. They focus on managing connected devices in hospital settings, whether they are managed or unmanaged, by utilizing a combination of risk assessment, detection, threat intelligence, and prevention capabilities in the constantly evolving healthcare technology landscape.

Medcrypt collaborated with NetRise to address cybersecurity issues

In August 2023, Medcrypt, a US-based proactive cybersecurity provider, partnered with NetRise, another US-based cybersecurity company. By combining Medcrypt’s experience in identifying and managing vulnerabilities with NetRise’s ability to develop Mobile Device Management software featuring a Software Bill of Materials (SBOM) for embedded devices and firmware, medical device manufacturers now have access to a comprehensive solution to protect their devices from potential cyber threats throughout their lifecycle.

Medcrypt integrated NetRise’s SBOM generation capabilities into the Helm tool, enabling continuous integration, analysis, and transparency of the ever-changing state of medical device software. This integration facilitates the proactive identification and mitigation of the most exploitable vulnerabilities, extending support for SBOMs across the entire lifecycle of medical devices. The resulting solution empowers medical device manufacturers to create, ingest, enhance, manage, and monitor SBOMs, providing invaluable insights into the vulnerabilities present in their embedded devices and firmware. This collaboration represents a significant advancement in bolstering cybersecurity measures within the healthcare industry.

The industry is moving towards Trojan-free devices to safeguard against cyberattacks

Among the various cybersecurity threats faced by IoT medical devices, hardware Trojans are emerging as a grave concern. Hardware Trojans involve the deliberate manipulation of an integrated circuit or electronic device to compromise its security features or functionality.

Hardware Trojans are typically small in size, consist of only a few gates, and alter the device chip’s functionality. Due to their small size, hardware Trojans are challenging to detect using traditional offline methods such as side-channel analysis or digital systems testing. As a result, the healthcare industry is increasingly prioritizing the development of Trojan-free medical devices to enhance the security of IoT medical devices.

Unlike other medical devices, Trojan-free devices are highly secure and challenging to breach. Attackers would need a high level of expertise to understand the device’s design blueprint through reverse engineering and then create a manipulation that can only be triggered under specific conditions.

Moreover, the development of Trojan-free medical devices presents a unique opportunity for manufacturers to drive innovation, improve patient care, advance cybersecurity solutions, and shape regulatory standards.

One example of a Trojan-free medical device is the Philips IntelliVue patient monitor, which tracks patients’ vital signs and provides real-time data. This device works with advanced network security measures, including firewalls, encryption, and intrusion detection/prevention systems, to safeguard against unauthorized access and malware infiltration. Its cybersecurity features are specifically designed to protect against potential threats such as unauthorized access and data breaches.

Boston Scientific’s S-ICD implantable cardioverter-defibrillator is another Trojan-free medical device. It treats patients at risk of sudden cardiac arrest by delivering an electric shock to restore normal heart rhythm. This device employs encryption to secure communication between the device and the programmer and authentication protocols to ensure that only authorized healthcare professionals can access and control it.

EOS Perspective

IoT has transformed numerous industries, with healthcare being no exception. In the realm of healthcare, IoT medical devices utilized in virtual wards, such as remote monitoring devices and wearable sensors, are susceptible to cyberattacks. These attacks can result in unauthorized access, data tampering, and disruption of patient care. Detecting and responding to cyber threats targeting medical devices is crucial.

To combat these threats, security vendors employ prevention systems, anomaly detection algorithms, and advanced analytics to identify potential cyberattacks and abnormal device behavior. Implementing robust incident response plans, conducting simulated exercises, and utilizing strong device security measures are imperative to safeguard against device-level cyber risks.

The field of cybersecurity in healthcare is intricate and constantly evolving. Addressing cybersecurity risks necessitates a comprehensive approach that encompasses technology, policies, regulations, and education. Continuous collaboration, vigilance, and adaptation to emerging threats are essential to ensure the security and safety of medical devices in the future.

Moreover, healthcare facilities must prioritize the implementation of robust device security risk management practices. This involves establishing standard protocols, automating device isolation, utilizing asset intelligence to minimize security breaches, and ensuring compliance with regulatory frameworks such as HIPAA, FDA, ISO 13485, and HITRUST when acquiring and managing connected medical devices.

In addition, healthcare facilities must provide comprehensive training to professionals who work with these devices on cybersecurity best practices and identifying potential security threats.

Collaboration between healthcare providers, device manufacturers, cybersecurity experts, and regulatory bodies is essential for enhancing the security of medical IoT devices. By sharing knowledge, resources, and best practices, stakeholders can collectively address vulnerabilities and safeguard healthcare systems.

Their collaborative efforts facilitate the adoption of SBOM formats, threat modeling processes, Secure Product Development Framework, encryption technologies, AI-based anomaly detection, regulatory frameworks, and secure hardware modules. This approach ensures a more secure environment for medical IoT devices and ultimately protects patient data and healthcare systems from potential cyber threats.

Innovations such as blockchain technology, biometric authentication, predictive analytics, regular patching or updates, and Trojan-free medical devices offer promising opportunities to enhance security measures in the healthcare sector. Trojan-free medical devices, in particular, show great potential in safeguarding patient data, ensuring device integrity, and maintaining the trustworthiness of healthcare technology. This not only improves device reliability but also reduces downtime, benefiting both patients and healthcare providers. This is likely the direction the industry will take in the long run.

By prioritizing proactive cybersecurity measures and compliance with regulations, healthcare security providers can offer potential solutions to enhance the security and integrity of medical devices and the data they handle.
