Enhanced cybersecurity for networked medical devices
Health apps, wearables, more and more pervasive digital infrastructure and increasing digitalization of hospitals are rapidly changing the face of care provision. Parts of care are moved outside the hospitals, responsibility for care provision is shared with patients, while providers become increasingly able to monitor them on an ongoing basis. This new type of care relies on the production, sharing, circulation and analysis of a great amount of personal health data. As data infrastructures become more and more central and interconnected, so do their vulnerabilities multiply. New industries, professionals and practices are emerging to securitize the networked healthcare system, and to guarantee its resilience to emerging threats.
With its focus on cybersecurity in the Internet of Medical Things and In Vitro Diagnostics, the CYMEDSEC project (Enhanced cybersecurity for networked medical devices through optimization of guidelines, standards, risk management and security by design), funded by the EU’s Horizon Europe, also addresses the vulnerabilities that come with emerging forms of digital and networked care provision. This project brings together academic and industry parties to rethink cybersecurity regulation and practice.
Within this project, our team’s focus lies at the intersection of issues of securitization and access. How are patients constituted in cybersecurity discourse, and with what consequences for patient-centered care, and access to care in general? What new actors and practices are ushered in through the mainstreaming of cybersecurity discourse, and how do these actors and practices change organization and provision of care? More generally, how can we think about the needs of different kinds of users within cybersecurity frameworks that disproportionately marginalize ‘humans’ as themselves a vulnerability for technical systems?