25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Anti-Malware Scan Stops Cardiac Catheterization Procedure

Posted By on May 12, 2016

It is important for anti-malware solutions to be used to protect medical devices, although care must be taken when configuring software. As was recently highlighted at a U.S. hospital, a software misconfiguration has the potential to have an adverse effect on patients.

Earlier this year, a cardiac catheterization procedure had to be halted when a hemo monitor PC was prevented from communicating with the hemo monitor. This resulted in the hemo monitor screen going black, preventing the operating room staff from viewing the patient’s physiological data.

There was a delay to the procedure of around five minutes while the application was rebooted, during which time the patient was sedated. The procedure continued after the application was brought back online and was completed successfully, although the delay could potentially have caused the patient to come to harm.

The Food and Drug Administration (FDA) has recently issued a report on the incident, which occurred on February 8, 2016.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The FDA investigation revealed that the temporary failure of the equipment – Merge Hemo V9.40.1 – was not due to a fault or malfunction with the programmable diagnostic computer or monitor, but with the anti-malware software that was used to protect the device from malicious software installations. The anti-malware software had been configured to scan all files, including patient data files and medical images. This was against the recommendations of Merge Healthcare, the manufacturer of the device.

According to Merge Healthcare, improper configuration of anti-malware software can result in downtime and may have an adverse effect on performance of the equipment. While it is important to regularly scan for viruses and other malicious software, it is essential that software is correctly configured.

Merge healthcare advises users to only scan for vulnerable files and to skip patient data files and medical images, which was clearly stated in the guidelines supplied with the equipment. The incident was attributed to human error when configuring the software.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist