In 2011, Methodist Hospital of Southern California, Arcadia physicians accessed diagnostic information from medical devices without the knowledge of the facility's information technology (IT) department. When hospital administrators found out, they took action to safeguard its medical devices because they knew the next incident involving the access of patient data might not be so benign, according to an article on the Health Facilities Management website.
Methodist Hospital began implementing safeguards two years ago. It hired an outside firm to develop an integrated systems management (ISM) program, which greatly reduces vulnerability of its more than 6,000 medical devices to cyber-attack.
"Not many hospitals have put a concerted effort toward addressing the risks of cybersecurity of medical devices. The Methodist program sets a great example that other hospitals can follow and in a very organized and methodical way," Jim Keller, vice president, health technology evaluation and safety, ECRI Institute, said in the article.
The program includes performing a rigorous 57-question, risk-assessment inspection of each new and existing medical device at the hospital to determine how it stores, transmits and protects electronic patient information, according to the article. Another part of the risk-assessment involves interviewing the end user, whether it is a physician, nurse or other staff member, to see how he or she uses the device.
Read the article.
Grounding Healthcare Spaces in Hospitality Principles
UC Davis Health Selects Rudolph and Sletten for Central Utility Plant Expansion
Cape Cod Healthcare Opens Upper 2 Floors of Edwin Barbey Patient Care Pavilion
Building Sustainable Healthcare for an Aging Population
Froedtert ThedaCare Announces Opening of ThedaCare Medical Center-Oshkosh