Fed-Up Hospitals Defy Windows Patching Rules
bingbong writes "According to Network World: 'Amid growing worries that Windows-based medical systems will endanger patients if Microsoft-issued security patches are not applied, hospitals are rebelling against restrictions from device manufacturers that have delayed or prevented such updates. Device makers such as GE Medical Systems, Philips Medical Systems and Agfa say it typically takes months to test Microsoft patches because they could break the medical systems to which they're applied. In some instances, vendors won't authorize patch updates at all.' This is the typical patch vs. crash problem. Unfortunately, the stakes here could be human lives."
Stop playing solitaire on my dialysis machine (Score:5, Insightful)
Why do they need patching? (Score:5, Insightful)
FDA? (Score:5, Insightful)
OK.... We now have the Food and Drug Administration in charge of computer security?
Why is this a problem? (Score:3, Insightful)
Windows isn't for Medical mission critical apps (Score:1, Insightful)
All these computers should be running on UNIX servers connected to dumb terminals.
Doesn't have to be a issue (Score:5, Insightful)
Re:Two words: (Score:2, Insightful)
So...add another argument!
I say Open Source for our health.
Re:Why in the hell... (Score:5, Insightful)
How is a firewall going to stop an insider from exploiting the network? Does working in a hospital magically transform a person into a paragon of morality?
Can't say I'd blame Microsoft this time around. (Score:5, Insightful)
I would get laughed out of court if I tried to blame a critical problem with a report I wrote on my secretary, and the same should happen with these companies if somebody's loved one dies from their irresponsibility.
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
If it ain't broke, why fix it? (Score:3, Insightful)
Survey says... Beeep! Beeep! Beeep!
What "security" or other risk with a turnkey standalone system? I'd rather risk the remote chance of someone breaking into my room to run CAT-5 to my vitals monitor rather than a BSOD (possible REAL death in this case) because Service Pack x broke some obscure function and failed to alarm the nurse when my heart stopped.
Do the morons at the hospitals run Windows Update on the defibrillators?
The manufacturers have tested and retested and regression tested everything that goes into those medical devices (or they say, anyway), so why deviate from a known good combination without a compelling reason?
Why aren't these devices on an isolated network? (Score:3, Insightful)
This is not so much a Windows problem as opposed to a lazy network admin's problem.
Isolate those damn machines!!! Don't have network ports just opened everywhere! Come on, this is why network admins get paid the big bucks!
Re:I don't understand (Score:3, Insightful)
The problem is using an operating system that was meant for the home/server for a much different purpose, in this case running life support machines. The things were built 8 years ago, but even then there were OSs made for embedded systems. Now there is real-time embedded linux. While I'm not going to say it's perfect, it has what is needed and nothing more
The more features you add to a system, the more places you have to exploit it. Minimalism in design is always key
Re:Why in the hell... (Score:2, Insightful)
Why does anyone assume that doctors, nurses, etc. are any better at securing their laptops than the rest of the public?
Chicken Little (Score:3, Insightful)
Pshaw, what a pant load. Here's a more rational look at this.
1: Chances are, your life won't be at stake. Any doctor or nurse worth their salt should be able to keep you alive without a computer. It's not like it's sitting in the room beside you, monitoring you. At least, not one running Microsoft
2: Any System Administrator worth his/her salt never, ever, ever puts a patch on a critical system without first testing, testing, testing on another system.
3: Also, any System Administrator with half a brain puts some type of firewall in place between the world and critical systems.
If the above three conditions are not true then the failure has occurred in more important places than Microsoft or the Software Provider.
And BTW, Linux is not the solution here. Sure the vendor might be able to put together a fix faster with open source but there would still be some lag time; assuming the software vendor chose to make a fix at all and not take the same attitude they are taking with Microsoft.
Everyone's asking why aren't they firewalled... (Score:5, Insightful)
Pretty soon, the internal network's either too busy generating random traffic to do anything else-- and even if the Big Iron of the business, the dialysis machines and heart-lung devices and all those wonderful things that better damned well not break work fine, you've still got the terminal the nurse sits in front of that keeps track of when to issue you your shot that keeps you alive spending half its time rebooting because it's got Sasser.
This is not a problem a firewall can solve, and it's pretty darned big: You can't go throwing software around willy-nilly to solve this problem (even though the real problem is that the users _are_ throwing software around willy-nilly), so you can't just go "oooh! A next-day patch from Microsoft, let's hope their two hours worth of QA before it walked out the door was good enough!".
-JDF
Re:Stop playing solitaire on my dialysis machine (Score:1, Insightful)
I agree with you in general, but would probably use QNX [qnx.com]
Re:Why do they need patching? (Score:5, Insightful)
Who said they're on the internet? Consider the following scenario:
The Hospital PCs are connected to a primary server that backs up all data and manages the PCs.
The Primary Server has a leased line or occasional dial-up to transfer data to a state-wide backup and update site.
The backup and update site has firewalled internet access for a VPN to GE, and troubleshooting purposes.
GE communicates with customers via internet email. One clerk in a backroom opens an attachment with an RPC worm. Within a half-hour the entire chain is compromised.
Any question on why having a monosystem Windows network is a bad thing? Even ONE Unix server in there would help break the chain.
This is scary (Score:2, Insightful)
The fact that people are installing patches on these machines against recommendations to do so scares the living shit out of me. I know that these people have good intentions but the road to hell is paved with good intentions. They don't know all of the variables. Some patch might introduce a new feature (something that does happen from time to time with MS patches) that causes the software to malfunction. This could cost lives. I really think a $50 firewall box would be a much better idea.
Re:Why is this a problem? (Score:2, Insightful)
Frankly, many critical machines should have only outbound connections, and not accept *any* incoming network traffic. They can then be monitored remotely, but if something needs to be changed, then a person can physically walk up to the machine and change it locally. If it can't be affected by the network, then there are no worries at all.
Don't everyone go and panic (Score:2, Insightful)
I can't imagine Philips and GE doing any differently. None of the medical manufacturers want to take a chance of putting something critical on a windows machine, and killing a patient due to a windows system crash.
Re:FDA? (Score:2, Insightful)
Such broad interpretive documents have no place or value in the health industry. Seriously, the FDA will not (at the time) even provide or allow to be provided a proper validation of a software package for CFR part 11 submission, which I suppose speaks to your point of their internal understanding of computer systems.
Re:Stop with the security through obscurity crap (Score:5, Insightful)
The reason is the smaller the OS the less you have to test it. The whole KISS thing. Keep it simple stupid.
On a standalone embedded system you do not need support for TrueType fonts, every printer and USB device known to man, or even video playback. On an embedded device you often only need a few functions but those functions have to work. If you have ever programmed under windows you will find all sorts of APIs just do not work or do not work the way they are documented. Windows programmers just program around these issues. You should always use the smallest OS that you can get away with for the device you are using. Linux is a good option for very flexible embedded devices. I would tend to stay clear of X and use nano-x myself.
There are many off the shelf embedded OSs; the most popular I can think of is QNX. For life critical systems I would go for QNX over windows any day.
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
Sounds like a tech-challenged reporter reporting wide-eyed about crashing "medical devices" which she doesn't really understand.
get back to native inline machine code, dammit (Score:3, Insightful)
basically, it's just pseudocode that anybody is writing any more, anyway. flip it through a different compiler, a cheaper machine language compiler, and debug with a logic analyzer if you have to. this is what the better high school kids were doing in the late 60s and early 70s, anyway, kids like wozniak and gates and kildall. wasn't any rougher for me to debug in the late 70s and early 80s than anything else.
Re:Stop playing solitaire on my dialysis machine (Score:3, Insightful)
Another example is the IV pumps. Most of these run Windows 2k, but I've worked on a couple that run CE. A small problem here can do one of multiple things... increase drug flow, decrease drug flow, or stop drug flow. None of these are good... oh, we gave him 7 days' worth of morphine in 7 minutes...
Most of these problems would be noticed before some one dies...but it could happen, especially with the health care system becoming even tighter budgeted.
Re:Stop playing solitaire on my dialysis machine (Score:2, Insightful)
There are many possibilities of misuse
For example if someone installs a trojan and changes the data of the patient or display the wrong results
That can be very nasty
Re:Stop playing solitaire on my dialysis machine (Score:4, Insightful)
If it crashes, how do you know if the radiation dose was administered or not? Was it the whole dose? was it just part of the dose? Did the machine even turn off?
Those are awfully important questions for the doctors and radiation techs. Even moreso for the cancer patient that has to go through a battery of tests to determine the effect of a software glitch.
Re:Doesn't have to be a issue (Score:3, Insightful)
You need networking to be efficient. The problem is, it seems the medical manufacturers and Hospitals skimped on building a systematic network security infrastructure around these critical devices.
Re:Can't say I'd blame Microsoft this time around. (Score:2, Insightful)
Re:Stop playing solitaire on my dialysis machine (Score:3, Insightful)
Health care is expensive because we feel like it's worth it. Every new cure or treatment or test costs more money, not less. Improvement increases costs & we'd rather live longer than not so we're willing to pay the premium for improvement.
My point? Doctors are underpaid, especially primary care physicians. They should be paid a premium because they are doing such an important job and have to go through hell to get there. Regardless of whether they do it for the money or "love of life", they deserve to be compensated. So please don't rag on doctors for high health care costs.
The real evil lies in the insurance industry.
Re:Why is this a problem? (Score:3, Insightful)
You are assuming that the devices are in static locations. Many of the devices are portable. Doctors drag them into their office and plug them into the network. It is the same network that they plug their personal laptop into. It is the same laptop that they take home and surf the net with. It is the same net that infects the laptop that infects the hospital's network that infects the hospital's other hardware.
I am currently working in a hospital. I wonder if anyone has forwarded this item into the local IT newsgroup yet...
Re:Grrr! There are other OSs other than Windows (Score:3, Insightful)
They are.
The ultrasound machine that they use on you isn't running windows.
The computer hooked up to it, which handles the image analysis, display, and archiving, however, probably is.
Someone on the inside (Score:1, Insightful)
Down time in a hospital is extremely hard to come by, many systems are used by many departments and no one wants to be down for an hour for patches. Microsoft really isn't the problem here, though it would be nice to blame them. Most hospitals run the gamut of OS platforms, from AIX, Linux, Windows 95/98/2000/XP (yes we still have 95 in use, and some medical devices actually run 98, scary huh.), Apple OS 9/X, SCO Unix, that's all I can think of at the moment, but I'm sure there are more that I don't know about. All of the release patches. We have servers on site that we pay for that we are not allowed to do anything with, we don't even know the passwords. Sometimes that's fine with us because we were never given instructions on how to fix their problems, so better to just bug their support than us. Other systems we have some control of, but the way they were certified with the FDA we can't do anything with the system. In fact, just a few months ago I helped setup a system for our Labor and Delivery department to help with fetal monitors. This system seemed like it will do everything they need, however it is almost completely separated from our network, with the exception of an ADT feed. We are not even allowed to turn on automatically adjust for daylight savings, because that wasn't how the system was certified. Will this system ever get patches, not by us, and I doubt by the vendor. They had separate network drops installed from our network and that's the way it's going to be. Not only that but part of their backup process actually involves a floppy diskette.
Couple the FDA issues, with nobody wanting to spend money (for network equipment) and nobody here to do the work and you have a prime problem for a disaster. Viruses are a huge issue in a hospital a virus can take down many systems with no problem, you might say it needs to be more secure well tell that to the companies that require open shares for their product to work. Viruses are also a problem in hospitals when you consider the computer experience of many nurses and doctors. Some don't understand that an email can show up from someone they know and not really be sent by that person, so they trust the source and then we have an infection. Our POP3 server checks for new dat files every hour and still by the time we get the latest dat files the viruses have already been received by people. There is no way to win that short of time delaying email by like a day and that wouldn't go over well.
I've gone on too long, now most of these problems won't directly affect your patient care, aside from maybe slowing it down a bit. It can cause problems if you frequent that facility and they have previous studies and results to look at but suddenly they don't have access to them. Or that could even be the case in the current visit. One good thing with all these systems though is that they are redundant at times, so your allergies for example may be in 3 or 4 different systems, so if one is down they should still be able to find it in one of the other systems.
Also, don't forget that hospitals haven't quite made it to that paperless Nirvana.
AC signing out.
Just one of the many enormous problems (Score:4, Insightful)
Knowing what I know there is no way in hell I will ever go to a hospital unless I'm already dead. Cause they'll kill you just sitting in the waiting area.
Re:Why do they need patching? (Score:4, Insightful)
Uhhh.... Do you think that all doctors know absolutely everything about the human body? Don't you think that they need references, too? And don't you think that maybe, just maybe, it's much easier to have up-to-date online references than book references? Why do you assume that the only thing that hospitals need internet for is surfing? You might as well stay home - your doctor looks up information online.
Maybe they also have billing systems that interact directly with insurance providers so that people don't have to use typewriters and carbon copies anymore. Jesus, there's more to the internet than porn and email. Deal with it.
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
Re:Stop playing solitaire on my dialysis machine (Score:4, Insightful)
Very honestly, most of these machines couldn't "kill someone".
Hmm, a pain pump that doesn't correctly meter the morphine could easily kill someone.
I mean, if the radiation therapy machine crashes, nobody dies.
Wow, you mean if the control computer crashes leaving the shutter to the Cobalt source open nobody could die? How about gamma knife overexposing the brain stem, cooking the brain stem couldn't possibly kill someone. How about a faulty homing cycle where the radiation head homes to the patient table, even if a patient is there.
Do me a favor, don't work on human critical systems.
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
There are a ton of good OSes out there for specialty applications and, surprise!, most of them don't involve Linux! Linux is not the be-all and end-all of OSes.
For human-life-critical applications, you should be using something that is demonstrably proven.
I work in a hospital (only 4 more days, though) (Score:2, Insightful)
Another thing is that we're under huge pressure to give physicians and radiologists access to data via the web. This could help save lives, if a patient's physician can look at their ultrasound, etc from his hotel while he's on vacation, etc, but the price you pay (which never counts for much with our management) is decreased security. I am in this situation with some SW vendors who refuse to support a system if we let Windows Update automatically patch their system. They're afraid that they'll waste some support time on a problem related to a M$ patch breaking the OS or something their code depends on. I'm tired of seeing services killed and machines hung by what appear to be patchable exploits, so I'm doing it anyway. By doing this, you're giving the vendor a "get out of supporting their own app for free" card.
A final perspective is the class war between technical folks and the suits, who in my health care career have been non-technical folks who don't really like or understand technology, just data and applications, and in my current case, who seem to have psychological/emotional problems with technical people in general.
When a clinical staff member here asks for some new functionality, or complains about having to change their password, management always comes down on their side, security be damned, because the implication is that if we require clinical folks to do _any_ extra work, or don't give them some new one-click, time-saving feature, we are impairing their ability to care for patients. It's the same way with supporting applications or hardware after hours, if a printer's jammed, it's perceived as being equivalent to a patient bleeding to death. Oh my god, it's "affecting patient care"! That's one of the reasons management doesn't want to tell a clinical user "no". Any time we say "no" we're perceived as being a problem. Those types of users can't see far enough down into the technical aspects of things to understand the threats, just that they have to remember another password, or click another button.
Enough of this ranting. I'm getting disgusted with the whole thing all over again!
If you can't tell yet, I've had enough of being a technical proletariat. I'm sick and tired of dealing with Microsoft OS's and applications, and since there's not much else IT work in our area, I'm starting a new career in teaching with taking a 40% pay cut to teach at a local university.
By this weekend, this will no longer be my problem.
Many non-obvious apps can be critical (Score:4, Insightful)
But there are a lot of applications that are not themselves critical, but could play a part. I work for a company that does materials management software for hospitals. This stuff is tweaked for efficiency, and hospitals rely on it. It runs on Windows only. Doesn't sound quite like the importance of a pacemaker, right? Well let's say the hospital gets hit by a virus. Yes, it happens, even with firewalls. Now their materials system is fubar, and they are used to it having the right supplies on hand at the right times. If it is low on something, it reorders it automatically. Now they are screwed, and they don't have something that they really need. Someone could die.
Hospitals have to operate on razor thin margins, and they can't stock millions upon millions of dollars of everything. They look to lower their on-hands inventory as much as possible.
There is all kinds of software in the hospitals that can go horribly wrong, not just the obvious stuff.
Re:Why do they need patching? (Score:3, Insightful)
You want a doctor that never reads medical journals, consults with colleagues, participates in research studies,...?
All that stuff is likely to be an integral part of any good doctor's daily job (including doing research to help diagnose you; you don't really want a doctor who make every single diagnosis based on memory alone).
--b.
Re:Stop playing solitaire on my dialysis machine (Score:3, Insightful)
Re:Stop playing solitaire on my dialysis machine (Score:3, Insightful)
If the case went to court, yes. But there is a lot more to it than that. The hospital wouldn't win in court, but the vendor would get annihilated in the marketplace by a savvy customer.
When you're using free software, and you threaten to not only not buy any more, but tell your friends not to either, it doesn't really make your problem better.
When you've got a big name vendor, you've got a lot of leverage. Threaten to defer future sales, be a reference customer for a competitor, or make a stink in a trade publication and you'll get pretty much anything you want. The argument of "we do a lot of business with you, and we're not happy" works a lot better when used on a vendor you actually pay.
It's a lot harder to tell a paying customer: "too bad, you shouldn't have done something so stupid."
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
This happened to me in a hospital:
I was admitted for severe breathing difficulties and chest pain. This put me on the heart attack route. Turned out to be a rare form of asthma. While I sat in a bed on oxygen, I looked up to watch my heart monitor flat-line. The crash cart crew runs in with all the resuscitation equipment and my heart monitor starts beating again. They give me weird looks and examine me up and down to see that I'm doing great on the oxygen. This happens a second time. About 10 minutes later the hospital IS staff show up and examine it, and he says, "Aha, yours is set on the network to show the guy next door."
He leaves and I hear the crash cart go whizzing by my door.
Networked critical care systems are a bad idea--except to report to a central monitoring station. Windows is an even worse idea. Why this kind of crap is tolerated is beyond me.
Shawn
Comment removed (Score:2, Insightful)
Re:Stop playing solitaire on my dialysis machine (Score:1, Insightful)
There is a proper balance to find between "very cheap and crappy" and "100.0000% secure, properly tested but 15x more expensive". Nothing is perfect, nor is software, nor is hardware, nor are nurses and doctors. My guess is that as long as deaths by software mistakes are much lower than (and so insignificant compared to) deaths by human mistake, nobody will care.
Mistakes are part of life. Of course, software mistake can be minimized, but at what cost? And is it worth it?
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
Comment removed (Score:5, Insightful)
The DILEMMA of Configuration Management (Score:3, Insightful)
- controlling the Configuration of equipment, in order to ensure consistent behavior.
Unfortunately, Configuration Management often does not take into account the fact that when you put a system on a network, it becomes part of a larger system, and unless you manage the entire network of systems, then you cannot really control your conditions, nor can you ensure consistent behavior.
This needs to be taken into account as a basic "sky is blue" assumption of Configuration Management.
Sadly, it is not.
Re:Stop playing solitaire on my dialysis machine (Score:3, Insightful)
Or go bankrupt because we have no customers, because we don't use Windows. Besides, if our software crashes on one particular workstation (or all for that matter), I don't think anyone will die.
Re:Stop playing solitaire on my dialysis machine (Score:4, Insightful)
What do you expect the operator to see? Radiation is invisible; you could easily not tell if the machine was still spitting out radiation or not. You can also overload on radiation quickly; by the time the operator notices what's going on, it may be too late.
Just as importantly, there should always be multiple lines of protection. Trusting the operator to handle the problems when the machine screws up is a bad thing; the operator may have stepped out for a smoke break, be thinking about her golf game, or have a stroke. It may be one in a million, but with half a million people needing four or five sessions every year, that's several needless deaths a year.
Re:Stop playing solitaire on my dialysis machine (Score:3, Insightful)
um, no. ALL of the blame rests on the software developer. If you all weren't so goddamn lazy and quick to grab dollars at the expense of careful design and reliable architecture, you wouldn't be using windows at all.
The backend for the software I work on actually runs in Unix, and we have hospitals that are thinking of going to NT only [...]
When you get back to 1997, would you call me and tell me to invest in eBay and Yahoo? Tell me to sell in february 2000 while you're at it. And then tell your company that they're fools for thinking that fat-client software has a future in 2004 when everything that's successful now has a web interface.
[...]which means we have to try to port our code to it or lose that customer.
bullshit. Why would their client environment have any impact on your architecture for an embedded system? If the customer needs a GUI frontend to your device, do it with Apache. I think there is a version available for QNX, which is the OS you would use (once again) if you weren't so GODDAMN LAZY. Instead, you create a mess, comfortable in your knowledge that you will always have a future cleaning up after yourself.
repeat after me: there is no excuse for using Windows in any embedded system.
Again: there is NO EXCUSE for using Windows in any embedded system.
Off The Shelf OS's v. Industrial OS's (Score:3, Insightful)
The temptation is way too great for the bean counters and greedy sales types to switch the robust hardware and OS for the commodity type and save a bundle up front.
Consider a $500 PC and a $2500 industrial PC. If you let the bean counter do the math he will tell you about the 3ghz P4, GeForce 4 100 gig hdd v. the P3 20 gig with an average video card.
Then you explain that the OS's have the same disparity in cost and he starts to get confused.
I have said many times before that we have Windows not because it was best but because it was cheapest. Same with the clone PC. MS got to be the default OS because it was generally 50% of what the other OS's were.
Now when it comes to saving lives the cost should not matter, however, it is still a business. And there are still bean counters and greedy sales people who get to make some very powerful decisions.
Comment removed (Score:4, Insightful)
Bad idea anyway (Score:3, Insightful)
Why in the world are they using a desktop operating system of any kind on medical equipment?
I wouldn't care how stable it was, that doesn't belong in that market.. Embedded systems that are dedicated to the need are what should be used...
Vicious Circle (Score:3, Insightful)
Even the few vendors I've seen who have balls enough to release a Linux version of their software are tied to specific distributions, specific kernels, etc.
The real problem (Score:2, Insightful)
If the folks building these machines would take the time to turn off unnecessary services, and do some basic hardening (there are several excellent hardening guidelines for Windows available from SANS, NIST, and other places) many of the worms would not be as big a problem. Couple this with some firewalling, IDS, and logical network segregation (as mentioned in the article) and the patches become less relevant.
I work at a hospital and am working with teams developing FDA-compliant medical device software (much to my chagrin they are using Windows). The server build they have developed has been deployed in "the wild" for a couple of years without MS patches and without infection. Why? Because they are only listening on one port and have taken the time to disable a bunch of unnecessary stuff.
We need to change the way we look at security flaws and build the machines right in the first place. We can't rely on patches as the sole means of securing systems from every worm that comes along -- especially not when the systems are providing medical care!
Oh come on! (Score:4, Insightful)
I know everyone on Slashdot would LOVE to blame the OS, but really... the fault is not with the OS as much as it is the networking admins, and even more likely, the administration for not providing the NAs with the support they need to make a properly secure network.
Re:Stop playing solitaire on my dialysis machine (Score:5, Insightful)
I am a clinical doctor who programs in a couple of dozen languages and environments and follows the advancement in software solutions closely. I have been involved with clinical informatics only recently for the past couple of years though. Allow me to explain to you some of the realities of the current health industry software. I admit I haven't sat down and structured the text well but I tried to put in as many issues as I could think of at the moment.
The doctors want Windows or Macs. They want a familiar set up compared to what they use at home. It is very difficult to get doctors learn a completely different paradigm. There have been documented cases where nearly all the doctors in certain institutions rose up in arms because the developers thought they knew better and tried to force a solution onto them.
Most of the current set ups are almost always heterogeneous. We buy software from multiple vendors and bridge them together. This is because there are no completely integrated solutions as yet. GE and a few others are trying to close this gap but it is a VERY difficult one. Hospital information needs are not standard as your usual business information needs. The data processing here is often very simple but the volume and complexity of the data is overwhelming. It is not simple as Customers and Invoices. Clinical Medicine deals a lot with relatively abstract data with complex relationships. Most doctors know these relationships intuitively but there isn't enough published literature for a software developer to draw from. Clinical software is extremely expensive to build since the requirements are hard to establish. A lot of iterations are needed to fit the software to a given practice (This never gets completed usually and people settle for close enough).
Doctors themselves understand their needs best. A few doctors, while they don't hold CS degrees, practice design patterns or do EJB, do quite well to put together MS Access databases to solve their problems where professional software developers have not yet tread. Many times, they distribute these to their colleagues freely (Open Source if you will). Few even sell them. They may not be the best designed tools but they work. Mac's FileMaker and Linux's Total Rekall? don't exactly come close. Windows tools also have a larger number of books available to learn from.
Platform and tool costs are trivial, developer costs are not. A study in Human Computer Interactions is very essential here. Rich user interfaces are always preferred. Non-windows platforms don't have sufficiently advanced RAD tools. I really wanted Kylix to succeed. But I don't see any momentum behind it anymore. Veteran's Affairs Hospitals have built a remarkably physician friendly system. They are rightly proud of their constantly iterative development. They used Delphi but now that the system is stable (for user experience stand point) they are looking for other platforms. They looked at
The loss of work hours because the software does not fit the workflow at a given hospital is far far greater than losses due to worms and viruses.
The software should be as intuitive to use as possible. Should not require reading manuals. Hospitals always look whether the given software will slow the physician down in any way because physician time is very expensive and they rather have them seeing patients and generating revenue.
There is a case for cross-platform tools at the moment too. It is a case of mobility. Most doctors like to be able to review a patient's case online and advise on the phone when necessary. Many vendors provide web pages and applets for this but they often end up very unergonomic. But since the need is often information retrieval rather than data entry, they are accepted in the absence of the better alt