1032
Healthcare Organizations Served
2087
Audits Completed
100%
Pass Rate from HHS/CMS Audits
Biomedical devices in contemporary hospitals and other care delivery environments are necessarily ubiquitous. They are instrumental for delivering excellent health care.
We conducted a security risk assessment at a 400 bed hospital, and found the following:
Book a Free 30 Minute Consultation and Lets Make a Plan Together
For IT security practitioners, such biomedical devices are often a bane.
For various reasons, including unclear regulatory direction, many biomedical devices use outdated operating systems that run applications built with inadequate software security. As a result:
In most hospitals we assess, devices are rarely segregated into “Virtual LANS” that provide an added measure of safety. Instead in most hospitals, a virus infiltrating, say an old infusion pump running an unpatched version of Windows 2000 can propagate like wildfire, bringing the main hospital network to a crawl or even fully disabling it. Another example of a security hole is the use of an “unsecured” or poorly secured wireless connection that is easily exploitable by an attacker with rudimentary wireless hacking equipment.
Obviously the ramifications for a hospital are tremendous. Information is the lifeblood of modern hospitals – from admitting, to billing, to labs, and diagnostic machines to electronic medical record repositories, a modern hospital cannot function without reliable information.
For medical device companies we conduct a thorough data-flow based risk analysis of your device. This can include risks:
Techumen’s approach, and accompanying risk assessment report, follows the recommended FDA method for gauging risk and address the following elements:
Medical device manufacturers must adhere to strict guidance from the FDA. A risk assessment is now a requirement for any medical device that is to be connected within a provider network. Techumen’s analysis provides an expert independent assessment of your risks and how they should be mitigated.
Techumen provides cyber security and regulatory compliance audits, assessments, and consulting for healthcare organizations.