NEW

FDA Seeks ‘Remanufacturing’ Feedback from Biomeds

A little more than a month ago, the FDA released the draft guidance “Remanufacturing of Medical Devices” and asked healthcare technology management professionals, original equipment manufacturers, third-party repair organizations and more to submit comments.

United Imaging Goes “All-in” for Nashville

United Imaging makes its debut at HealthTrust University and its in-person debut at AHRA in Nashville over the next two weeks. At both events, the company will focus on several unique aspects of how it solves pervasive pain points in procuring and owning medical imaging equipment.

TechNation Asks Biomeds to Share Right to Repair Issues

TechNation is proud to support and be an advocate for the Right to Repair movement in the healthcare technology management and health care community. A new web form specifically allows biomeds everywhere to report incidents when an original equipment manufacturer...

Delivering precision solutions for a changing world

Change has been the one constant in nuclear medicine from the beginning, with the steady arrival of new radiopharmaceuticals, new technologies and an evolving regulatory environment. Today, as nuclear medicine expands rapidly beyond diagnostics and into novel...

MITA Issues Statement Regarding Report on PACS Systems Vulnerabilities

The Medical Imaging & Technology Alliance (MITA)

The Medical Imaging & Technology Alliance (MITA) issued the following statement in response to the U.S. Department of Health and Human Services’ (HHS) report regarding health delivery organizations’ (HDO) unsecured picture archiving and communication systems (PACS). MITA is the Secretariat for the Digital Imaging and Communications in Medicine (DICOM), the international Standard to transmit, store, retrieve, print, process and display medical imaging information.

“It’s important that all health delivery organizations take the necessary steps to mitigate exposure to cybersecurity threats,” said Patrick Hope, MITA executive director. “We encourage them to evaluate the security documentation provided with their PACS system ─ such as the Manufacturer Disclosure Statement for Medical Device Security (MDS2) ─ to determine how best to deploy their equipment in a safe and secure way. PACS systems are just one component that should be considered within an overall organizational cybersecurity strategy.”

The MDS2 supports security risk management within healthcare delivery organizations by providing standardized information on security control features integrated within medical devices. Manufacturers provide MDS2 on their product at the time of sale. The blank MDS2 may be found here.

Remote access to PACS systems requires consideration of protections, risk assessment and mitigation strategies by an HDO. HDO should also take insider threats and the benefits of a zero-trust policy into account when evaluating cybersecurity protections. Finally, programs processing DICOM media files should continue to take precautions such as scanning the files with anti-virus software and not assuming they are safe. Import systems should disable file execution when reading CDs or DVDs.

An HDO that suspects its PACS systems may be vulnerable should contact their original equipment manufacturer’s service department, even if the system has been re-manufactured in the aftermarket. “The original equipment manufacturer is best positioned to evaluate the risks posed by any potential vulnerability and offer validated remediation or mitigations where appropriate,” added Hope.

Previous

Next

Submit a Comment

Your email address will not be published. Required fields are marked *