The Department of Veterans' Affairs, in its Field Security Office in the Office of Information Security, collects statistics on the prevalence of malicious software infections in its 156 medical centers. "Between January 2009 and December 2011, the VA detected 142 separate instances of malware infections affecting 207 medical devices found in radiation oncology, radiology, clinical lab, GI lab, ophthalmology imaging, cardiology imaging, pharmacy, sleep lab, cardiac catheterization lab, pulmonary, dental, audiology, dictation, and neurology," the report says.

The result of malware infections? "A common outcome was the unavailability of care because of computer outages. In one extreme instance, a computer virus infection in a catheterization lab required transport of patients to a different hospital."

In conclusion, the report's authors said the U.S. should re-think its strategy for collecting and sharing security-related information for medical devices and that manufacturers, along with regulators, should re-evaluate "security and privacy elements of their devices and systems." The report concluded: "Without an understanding of security and privacy, it will be difficult for patients and clinicians to establish confidence in device safety and effectiveness."

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

in Network World's Wide Area Network section.