PC Auto-Update After Patient Given Anesthesia Causes Hospital to Cancel Exam

cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
20,714
We all loathe software updates regardless if they are Windows updates, phone updates, etc. They interrupt our train of thought and sometimes they commandeer our devices and restart them on their own. A Norwegian hospital, Ostfold Hospital, experienced the nightmare of a lifetime as a patient who had already been administered anesthesia was unable to be examined because the hospital's PC decided to start a software update. This of course ended the anesthesia treatment and the subsequent examination had to be rescheduled. Luckily the patient was only in for a scheduled exam and the situation was not an emergency. Regardless it was surely a black eye for the hospital rated as one of "Europe's very best in the use of new technology in treatment."

The hospital has subsequently modified routines so that such events can not happen again. - The routines have been reviewed and changed, and in principle it should not happen again. This type of PC should no longer be able to go to update without getting started manually, says Vist.
 

Shotglass01

[H]ard|Gawd
Joined
Aug 26, 2005
Messages
1,960
2it5ot.jpg
 

Exavior

[H]F Junkie
Joined
Dec 13, 2005
Messages
9,700
Personally I think the updating part is only part of the issue. This was the ONLY machine that they had to do the survey (that is at least the word that the page translated to). Yes the timing was bad, but why isn't there a spare computer in case that one breaks or does something like this. For something as major as a hospital you would think having a spare for major standard every day devices would be a must have when you are dealing with a good hospital.
 

lcpiper

[H]F Junkie
Joined
Jul 16, 2008
Messages
10,611
Personally I think the updating part is only part of the issue. This was the ONLY machine that they had to do the survey (that is at least the word that the page translated to). Yes the timing was bad, but why isn't there a spare computer in case that one breaks or does something like this. For something as major as a hospital you would think having a spare for major standard every day devices would be a must have when you are dealing with a good hospital.

Damn good point. If it's important, it must be redundant. That's like in the IT Bible ffs.
 

Dead Parrot

2[H]4U
Joined
Mar 4, 2013
Messages
2,831
While they aborted due to this being only a routine exam, at least from the hospital's viewpoint, I really hope they have a manual backup plan in case the computer becomes unavailable during a non-abortable operation. Part way into a lung transplant would be a really bad time to have the patient wake up.
 

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
4,554
This is critical hospital equipment...... Why in the name of all that is holy is it connected to the internet, I could see it connecting to an intranet for management or monitoring but this should not have outside access, what does it need it for... (Windows updates apparently) .... That is what an WSUS server is for. This whole situation just stinks of poor IT management practices.
 

masquap

Limp Gawd
Joined
Oct 2, 2011
Messages
134
This is critical hospital equipment...... Why in the name of all that is holy is it connected to the internet, I could see it connecting to an intranet for management or monitoring but this should not have outside access, what does it need it for... (Windows updates apparently) .... That is what an WSUS server is for. This whole situation just stinks of poor IT management practices.

Hah, EVERYTHING is connected to the net, even industrial control systems these days. We put in a new fuel monitoring solution for our remote sites (where there is literally no internet for 100mi +)and you can't internally host. It's the cloud (with applicable subscription fees) or nothing these days, and all of these companies are 100% forcing it. Plus no doubt that hospital has support people in SE Asia because local staff are 'not financially viable', but you know, 50mil in legal fees for dead people is...
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
We all loathe software updates regardless if they are Windows updates, phone updates, etc. They interrupt our train of thought and sometimes they commandeer our devices and restart them on their own. A Norwegian hospital, Ostfold Hospital, experienced the nightmare of a lifetime as a patient who had already been administered anesthesia was unable to be examined because the hospital's PC decided to start a software update. This of course ended the anesthesia treatment and the subsequent examination had to be rescheduled. Luckily the patient was only in for a scheduled exam and the situation was not an emergency. Regardless it was surely a black eye for the hospital rated as one of "Europe's very best in the use of new technology in treatment."

The hospital has subsequently modified routines so that such events can not happen again. - The routines have been reviewed and changed, and in principle it should not happen again. This type of PC should no longer be able to go to update without getting started manually, says Vist.
See, at Microsoft, Security and having the latest feature updates is even more important than any medical procedure. Your Welcome.*

*can you find two sarcastic problems with this post?
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
Personally I think the updating part is only part of the issue. This was the ONLY machine that they had to do the survey (that is at least the word that the page translated to). Yes the timing was bad, but why isn't there a spare computer in case that one breaks or does something like this. For something as major as a hospital you would think having a spare for major standard every day devices would be a must have when you are dealing with a good hospital.
While I agree with you, I am under NDA by large corporations partially for trade secrets and partially because they act like morons when it comes to backup or anything business continuity related, because, you know, accountants run everything and the person who dies with the most beans wins.
 

Thatguybil

Limp Gawd
Joined
Jan 21, 2017
Messages
137
This is critical hospital equipment...... Why in the name of all that is holy is it connected to the internet, I could see it connecting to an intranet for management or monitoring but this should not have outside access, what does it need it for... (Windows updates apparently) .... That is what an WSUS server is for. This whole situation just stinks of poor IT management practices.

Device integration I presume. Anesthesia gas equipment is routinely networked into the EHR so that all the parameters are recorded and tracked.

That being said typically these kinds of devices are restricted to the intranet and don’t have direct access to the internet.
 

86 5.0L

Supreme [H]ardness
Joined
Nov 13, 2006
Messages
7,069
Slightly off topic but...

Is there any way to stop Win10 from updating? Have a PC that needs 100% uptime. Automatic updates are a big nono
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
Slightly off topic but...

Is there any way to stop Win10 from updating? Have a PC that needs 100% uptime. Automatic updates are a big nono
You can find ways online with registry settings, one problem is they keep changing it, so no silver bullet that I am aware of that you can rely on, it will be forced to update or reboot probably at some point after you allow an update to run. After each time you allow the update, you can search to see if they changed the way to stop or delay it, really a pain.
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
I recently took my A+ exams and before I could start, I had to wait because the test center computer was in the middle of a Windows 10 update.
Welcome to the wonderful world of IT. Your Microsoft masters are showing how they are in control 1984 style.
 

masquap

Limp Gawd
Joined
Oct 2, 2011
Messages
134
I see this more as an IT problem than a Win10 problem. They should have taken control and locked that thing down way before it was in a room with a patient.

I have little regard for lazy hospital IT staff.

Yeah, it's the staff that make the decision to roll out a hostile OS, it's the staff that choose to buy cloud connected hardware, it's the staff that choose to be understaffed.

This is 50% companies like Microsoft (who are trying to stitch you up to subscriptions) and 50% execs (who are dumb enough to think that cloud sourcing is the answer to too many staff), it's 0% "lazy staff".
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
I see this more as an IT problem than a Win10 problem. They should have taken control and locked that thing down way before it was in a room with a patient.

I have little regard for lazy hospital IT staff.
I think it happened way less or not at all when you initiated the upgrade or Service Pack install on previous OSs. I agree they should have either had an update server or forced it not to update, but MS has changed that so it can still update if you don't set the magic bits that control updates they tend to change whenever they want to in Win 10.
 

pendragon1

Fully [H]
Joined
Oct 7, 2000
Messages
32,763
wrf cagey? Norwegian?
also, this is the fault of the company or whoever left updates enable on the equipment, not ms.
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
could be worse a piece of an Infinia Hawkeye 4 system could fall on you and kill you.
https://www.itnonline.com/article/patient-killed-during-nuclear-imaging-scan

"The company was permitted access to the equipment on June 17. GE Healthcare determined the bolts securing the camera to the gantry were loose, thereby stressing the support mechanism and resulting in the incident. The safety concern is related to a potential patient entrapment or crush hazard if the camera falls during a patient exam, the company said."

You'd think they could have designed this a little better, I mean GE should be able to take some of those billions and make a fine product, with less falling parts. On something that heavy, you would think they would make it extremely securely fastened. Oh, those pesky bean counters again, probably.
 

Decibel

2[H]4U
Joined
Nov 10, 2000
Messages
3,838
Yeah, it's the staff that make the decision to roll out a hostile OS, it's the staff that choose to buy cloud connected hardware, it's the staff that choose to be understaffed.

This is 50% companies like Microsoft (who are trying to stitch you up to subscriptions) and 50% execs (who are dumb enough to think that cloud sourcing is the answer to too many staff), it's 0% "lazy staff".

Oh god, get over Win10 being a hostile OS. Like ANYTHING it can and should be beaten into submission. And yeah, any staff that throws out a Win10 deployment that doesn't call home to your own servers is LAZY in a fucking enterprise setting.

And it sounds like you might need to have a long talk with your boss...

I think it happened way less or not at all when you initiated the upgrade or Service Pack install on previous OSs. I agree they should have either had an update server or forced it not to update, but MS has changed that so it can still update if you don't set the magic bits that control updates they tend to change whenever they want to in Win 10.

I suppose since I'm deploying 100% via SCCM I see things a bit different than most. Win10 does exactly what we tell it to. Nothing hits the floor that isn't a fresh install based on one of our test builds.

Same thing we did on Win7, just newer tools.
 
Last edited:

gunbust3r

Gawd
Joined
Dec 12, 2004
Messages
900
Probably rocking a 4200 RPM spinning rust drive too. Updating, 30% come back in 45 minutes...
 

masquap

Limp Gawd
Joined
Oct 2, 2011
Messages
134
Oh god, get over Win10 being a hostile OS. Like ANYTHING it can and should be beaten into submission. And yeah, any staff that throws out a Win10 deployment that doesn't call home to your own servers is LAZY in a fucking enterprise setting.

You call me out for saying Windows 10 is a hostile OS, then you tell me it should be beaten into submission? Uh huh.
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
[

Oh god, get over Win10 being a hostile OS. Like ANYTHING it can and should be beaten into submission. And yeah, any staff that throws out a Win10 deployment that doesn't call home to your own servers is LAZY in a fucking enterprise setting.

And it sounds like you might need to have a long talk with your boss...



I suppose since I'm deploying 100% via SCCM I see things a bit different than most. Win10 does exactly what we tell it to. Nothing hits the floor that isn't a fresh install based on one of our test builds.

Same thing we did on Win7, just newer tools.

Having worked in a couple of places, sometimes there can be some odd configurations for specific devices, and this may be the case for this specific Hospital, it's tough to tell. Some hardware vendors have an OS (Win 10 or other) configuration and if you want to use their device, it's their config that is run. It's not a large percentage, but I have seen it. That can make things tricky. One of the first things to change would be to set it to update the OS when you want from your managed environment.
 

Zarathustra[H]

Extremely [H]
Joined
Oct 29, 2000
Messages
32,875
Having spent many years as an engineer in the Medical Device field this is a bit of a tricky issue.

Leave systems unpatched, and you could have a PC controlling a life sustaining device compromised by those with ill intent.

Install patches, and something like this can happen.

Ideally these things ought to be off the internet and airgapped, but doctors and hospitals love the convenience of having these things tied to patient records databases, and being able to send - for instance - imaging catheter images to their desk PC's

At the very least Windows should not be used at all for these systems, but I've lost that battle many times.
 

triwolf

Gawd
Joined
Dec 19, 2015
Messages
708
Having spent many years as an engineer in the Medical Device field this is a bit of a tricky issue.

Leave systems unpatched, and you could have a PC controlling a life sustaining device compromised by those with ill intent.

Install patches, and something like this can happen.

Ideally these things ought to be off the internet and airgapped, but doctors and hospitals love the convenience of having these things tied to patient records databases, and being able to send - for instance - imaging catheter images to their desk PC's

At the very least Windows should not be used at all for these systems, but I've lost that battle many times.
Been there too. I think the best way to think about it is the world is so complex everyone has to have things their way. The problem is making their way work with your company standard ways. Feels a bit like that Sisyphus guy who rolls the pebble up the hill only to have it roll back down for eternity. Never an easy fix! LOL
 

Exavior

[H]F Junkie
Joined
Dec 13, 2005
Messages
9,700
This is critical hospital equipment...... Why in the name of all that is holy is it connected to the internet, I could see it connecting to an intranet for management or monitoring but this should not have outside access, what does it need it for... (Windows updates apparently) .... That is what an WSUS server is for. This whole situation just stinks of poor IT management practices.

See, now maybe I am not fully understanding what the article is trying to say as I don't know how well the translation was but it sounded to me like this was not controlling the anesthesia. It sounded to me like this was a device used to access patient information. Like the carts they take around to do admissions at many hospitals.
 

dobieg2002

Limp Gawd
Joined
May 7, 2007
Messages
234
While unmanaged windows updates can be annoying and cause issues, a Hospital or any enterprise, helll even an SMB, should not be using automatic updates. They should be using SCCM or WuFB to manage the updates to ensure updates do not cause interruptions to critical systems or even downtime during business hours. If the hospital was using such a system it is an Internal IT operations issue and not Windows updates.
 

pendragon1

Fully [H]
Joined
Oct 7, 2000
Messages
32,763
or its completely stand alone and air gapped and never receives updates that might alter critical operations.
 

iamjanco

Limp Gawd
Joined
Jul 8, 2016
Messages
460
Patient ready for the probe and out of nowhere, Cortana asks "Something I can help you with?"
 

TeeJayHoward

Limpness Supreme
Joined
Feb 8, 2005
Messages
11,062
Win10 does exactly what we tell it to.
Plus what it wants to. Stick a sniffer in between the Win10 box and the switch and set it to record over the course of a month. You'd be amazed at what the Win10 box is doing, even if it's just "idle". Pay particular attention to IPv6 traffic, specifically NDP requests for the specifics. And yes, this is the volume-licensed Enterprise edition.
 

cyclone3d

[H]F Junkie
Joined
Aug 16, 2004
Messages
14,638
I wonder if the person that normally uses the computer just kept putting off the updates until the deadline came due for the updates.

Same thing happens where I work. People refuse to let Microsoft System Center install the updates and then complain about it rebooting after 2 weeks of warnings every few hours.

Some people are just dumb like that.

We do have some machines that run long tests and such that are exempt from forced updates.. but those same computers are generally only ever hooked up to the network for the purpose of installing updates or software.
 
Top