In conjunction with IRM|Analysis, the NCCoE analyzed risk factors in and around the infusion pump ecosystem and, with the results of that assessment, developed an example implementation that demonstrates how healthcare organizations can reduce cybersecurity risk, potentially reduce impact to patient safety, and implement current cybersecurity standards and best practices while maintaining the performance and usability of wireless infusion pumps. The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges.
“We are honored to be one of NCCoE’s many technology collaborators and to have contributed our IRM|Analysis enterprise cyber risk management software and subject matter expertise to this important effort,” said Clearwater CEO Steve Cagle. “Healthcare delivery organizations will want to use this best-practice guide in taking immediate steps to help alleviate potential threats to wireless infusion pumps.”
Section 2.5.2 of the NIST special publication states: “This section does not show you how to conduct a risk assessment. Instead, we present some basic steps for using the tool to conduct the risk assessment.” The steps include creating an inventory of information assets, establishing conformance with NIST-based security controls, determining the risk rating with likelihood and impact assessments, identifying risks that exceed the established risk threshold, and utilizing risk responses and dashboard reporting.
NIST Special Publication 1800-8 demonstrates how biomedical engineers and IT professionals can utilize technologies that are consistent with cybersecurity standards to help securely configure and deploy wireless infusion pumps within HDOs.
The final NIST publication is available for download on the NCCoE website.
Clearwater provides the most complete and trusted, enterprise-class cyber risk management solution available. Designed for healthcare providers and their partners, Clearwater’s IRM|Pro™ platform and experienced professional services team provide insights and actions to address compliance, cyber and patient safety risks. Clearwater is a 2017 Inc. 5000 fastest-growing company, the 2018 Best in KLAS winner in Cybersecurity Advisory Services, the 2017 and 2018 Black Book Marketing Research winner in Compliance and Risk Management Solutions, and exclusively endorsed by the American Hospital Association as well as numerous state hospital associations. Clearwater solutions have been deployed within hundreds of hospitals and health systems, Fortune 100 organizations, and federal government institutions. More information about Clearwater is at http://www.Clearwatercompliance.com.
Kriste Goad | firstname.lastname@example.org | (615) 440-9049
- Responding to Privacy and Security Concerns Surrounding APIs and Consumer Health Apps : July 8, 2020 | 11:00am–12:00pm CT - May 29, 2020
- Telehealth Insecurities: Evaluating Emerging Threats & Risk Response: June 25, 2020 | 11:00am–12:00pm CT - May 11, 2020
- IRM|Analysis™ Demo– June 24, 2020 11am–12pm CT - May 11, 2020