DEF CON Safe Mode Biohacking Village - Meg Doerr - Cybersecurity Informed Consent 4 Medical Devices

Building on conversation within the Biohacking Village at DEFCON 27, and expertise in clinical care and implementation science (Dameff, Doerr, Tully), cybersecurity in healthcare (Coravos, Dameff, Tully), device policy and regulation (Coravos, Doerr), and informed consent (Doerr), we have defined a framework for “cybersecurity informed consent,”(CIC) a platform we hope will help directly address the patient (and clinician) awareness gap of the cybersecurity vulnerabilities of connected devices, enhancing the ecosystem of trust.(Tully, et al., 2020) In February 2020, we convened a 30-person advisory team comprised of white hat hackers, clinicians, and device makers focused on identifying potentially appropriate clinical scenarios for a demonstration of CIC, informed by legal and policy research performed by Science & Society Certificate Capstone students from Duke University (phase 2). We will present an overview of this work for comment and discussion as we move into the third phase of our project: implementation and assessment of CIC within the clinic.