The final version of the NIST Cybersecurity Practice Guide for Securing Wireless Infusion Pumps in healthcare delivery organizations prepared by the National Cybersecurity Center of Excellence (NCCoE) and the National Institute of Standards and Technology (NIST) is already released.
Wireless infusion pumps today are not standalone devices. They could be linked to a variety of healthcare systems, networks, and other devices and may be a key cybersecurity risk.
In case attackers could obtain control of the wireless infusion pump ecosystem, pump configurations can be changed or malware may be installed triggering system breakdown, bringing about operational and security threats.
Attacking the equipment may harm the patients and their PHI may possibly be compromised. This sort of compromise might affect the patients’ medical care services, ruin their reputation, and produce substantial financial costs.
Safe-guarding wireless infusion pumps is a difficult task. Normal cybersecurity options including anti-virus application may have an effect on the capability of the equipment to perform properly and effectively. Quite often, the pumps possess maintenance default security codes which ought to be modified. If not, the pumps can become prone to attack. A lot of wireless infusion pumps may be accessed via network. This makes operations of the devices simpler, but it additionally presents a security weak spot. Attackers could potentially employ wireless access.
The guide assists healthcare delivery companies take care of and safeguard their wireless network systems and infusion pumps, minimize weaknesses, and defend against dangers.
The guide is a combined standardized commercially accessible technologies and industry best procedures to enable healthcare delivery establishments to fortify device security. The guidance comprises a questionnaire-based risk analysis and maps the security qualities of the remote infusion pump ecosystem to the NIST Cybersecurity Framework and the HIPAA Security Rule.
By employing the guide, healthcare delivery companies will produce a thorough security solution that is going to safeguard their wireless infusion pumps against different risk factors.
The following took part in developing the guide: BD, Baxter, Braun, Cisco, Clearwater Compliance, Intercede, Hospira, Digicert, MDISS, Smiths Medical, PFP Cybersecurity, Symantec, Ramparts, and TDI Technologies.
For the PDF of NIST Special Publication 1800-8A – Securing Wireless Infusion Pumps in Healthcare Delivery Organizations, download it from this link.