MedCrypt Looks to Make Medical Devices Safe From Cyber Attacks

Fears about medical device security have continued to grow as these devices have increasingly come to rely on networked technologies—and thus have become increasingly vulnerable to unlawful intrusions. Unfortunately, the answer from regulators has been somewhat delayed, with required protections for devices ranging from pacemakers to insulin pumps going into effect only two years.

In response, new technology companies have stepped up to begin filling the gaps in security left in the medical device industry. One such company—Philadelphia-based software company MedCrypt—happens to be ahead of the game.

Become a Subscriber

Please purchase a subscription to continue reading this article.

Subscribe Now

Founded by CEO Mike Kijewski and Eric Pancoast, MedCrypt developed its first security software aimed at medical devices in 2014—a full two years before the FDA formally recognized the dangerous vulnerabilities in medical device security and provided guidelines for manufacturers to avoid cybersecurity threats.

The company’s technology works by allowing medical device vendors to encrypt patients’ health data such that only trusted sources are able to access and instruct medical devices. The software also provides real-time monitoring that recognizes and warns vendors of any unusual user behavior.

One thing is clear: the healthcare industry sorely needs the protections that MedCrypt can offer. According to the publication Health IT security, over six million patient records in the United States were compromised due to network intrusions and cyberattacks in 2018 alone—and a report issued by CynergisTek in April founded that the healthcare industry has only reached 72 percent compliance with the HIPAA Security Rule aimed at protecting patient data.

Healthcare investors have recognized these problems and are putting more dollars into companies focused on medical device security. In May, MedCrypt successful raised $5.3 million in a Series A funding round led by former Google Ventures partner Bill Maris’ Section 32. Previous investors Eniac Ventures and Y Combinator—which included MedCrypt in its Winter 2019 batch—also participated. With this latest round, MedCrypt brings its total raised to $8.4 million.

As Kijewski noted in a statement following his company’s successful Series A round, “Internet-connected medical technology is entering the market at light speed, calling for devices to be secure by design, which leads to a heightened level of patient safety at all times…we're thrilled to see continued support from various groups in the industry, from the government to healthcare institutions and device vendors, along with support from our partners to help us further develop our technology and expand our team."