An MRI machine at Toronto’s Sunnybrook Hospital. Pictured on Tuesday, May 1, 2018. THE CANADIAN PRESS/Chris Young

An MRI machine at Toronto’s Sunnybrook Hospital. Pictured on Tuesday, May 1, 2018. THE CANADIAN PRESS/Chris Young

B.C. health authority isn’t effectively managing cybersecurity threat on medical devices: audit

Audit covered more 18,000 devices in the Lower Mainland, ranging from infusion pumps to MRI systems

British Columbia’s auditor general says the Provincial Health Services Authority is not effectively managing cybersecurity threats for medical devices and has not evaluated the risk to patients.

Michael Pickup says ineffective cybersecurity management means the authority can’t apply proper security controls to its systems and devices, and may not be able to detect cyberattacks.

The audit covered more 18,000 devices in the Lower Mainland, ranging from infusion pumps to MRI systems, and the systems supporting their operation.

He recommends the authority evaluate cybersecurity threats and the potential harm to patients, and take action to protect systems, devices and patients.

The Provincial Health Services Authority, which works with health authorities to provide care, says it accepts the audit’s recommendations and is implementing cybersecurity improvements.

Pickup’s report, released today, follows another last month that found the B.C. government did not have adequate cybersecurity practices in place to manage its computer systems in a review of five ministries, including Finance and Health.

READ MORE: Dr. Henry says COVID vaccine supply to increase in February; total cases top 70,000

BC Health

We are experiencing technical difficulties with our commenting platform and hope to be up and running again soon. In the meantime, you can still send us your thoughts on Facebook or Twitter, or submit a letter to the editor.