How do you balance security and usability of software as a medical device (SaMD)? It’s not easy and trade-offs may need to be made by device companies in order to give users what they want and need to safely use it as intended.
In this episode of the Global Medical Device Podcast Etienne Nichols talks to Abbas Dhilawala, a cybersecurity and SaMD expert with Galen Data, about a new approach to cybersecurity and usability for SaMD companies to ensure products are both secure and user-friendly.
Abbas has 18 years of experience developing enterprise-grade software for the medical device industry and is well-versed with technology, industry standards, and the privacy of data.
Would you like to participate in an AMA (Ask Me Anything) session with this speaker? Head over tocommunity.greenlight.guruand use the access codeTrueQuality2022to see what AMA’s are coming up.
Usability and human factors testing standards exist. However, there’s no standard approach to follow for cybersecurity. Abbas’s approach is to obtain user feedback as soon as possible for SaMD to still be secure and user-friendly.
Different kinds of users in the healthcare spectrum can be trained to use SaMD, including hospital staff and patients - depending on their level of trust and understanding of technology.
Potential Pitfalls: Classification and credential layers, such as permissions and passwords, can put the security burden on the users but leads to the need for risk assessment/management for possible harm.
Biometrics: Cutting-edge technology, such as fingerprint, eye, and face scanning is not as secure, reliable, or consistent, but it’s getting better. Always have a backup plan.
Key Takeaway: There’s a lot of push on cybersecurity, but don’t take away the convenience or the usability aspect. Find a way to balance both usability and cybersecurity.
“Ultimately, if you make the product in a way that’s hard to use, you can be secure. If nobody uses it, it doesn’t really matter.”
“There’s lots of standards, just no harmonization.”
“What can you do to minimize stress? Health care is already a stressful environment.”
“The fundamental layer of security is to know who the user is.”
“Having standards is a nice thing because then you can develop tooling around that.”
ABOUT THE GLOBAL MEDICAL DEVICE PODCAST:
The Global Medical Device Podcast powered byGreenlight Guruis where today's brightest minds in the medical device industry go to get their most useful and actionable insider knowledge, direct from some of the world's leading medical device experts and companies.
Nick Tippmann is the Chief Marketing Officer for Greenlight Guru, a MedTech Lifecycle Excellence Platform (MLE) that provides an industry-specific solution to help medical technology innovators around the world use quality as an accelerator to move beyond baseline compliance and achieve True Quality. Tippmann is...