In 2011, Methodist Hospital of Southern California, Arcadia physicians accessed diagnostic information from medical devices without the knowledge of the facility's information technology (IT) department. When hospital administrators found out, they took action to safeguard its medical devices because they knew the next incident involving the access of patient data might not be so benign, according to an article on the Health Facilities Management website.
Methodist Hospital began implementing safeguards two years ago. It hired an outside firm to develop an integrated systems management (ISM) program, which greatly reduces vulnerability of its more than 6,000 medical devices to cyber-attack.
"Not many hospitals have put a concerted effort toward addressing the risks of cybersecurity of medical devices. The Methodist program sets a great example that other hospitals can follow and in a very organized and methodical way," Jim Keller, vice president, health technology evaluation and safety, ECRI Institute, said in the article.
The program includes performing a rigorous 57-question, risk-assessment inspection of each new and existing medical device at the hospital to determine how it stores, transmits and protects electronic patient information, according to the article. Another part of the risk-assessment involves interviewing the end user, whether it is a physician, nurse or other staff member, to see how he or she uses the device.
Read the article.
Two Steps to Controlling the Hot Zone
RiverSpring Living Breaks Ground on River's Edge Senior Living Community
Encompass Health Reveals Plans to Build Inpatient Rehabilitation Hospital in Post Falls, Idaho
Creating Compassionate Spaces in Healthcare
Study Shows Connection Between Odor and Patient Experience