In 2011, Methodist Hospital of Southern California, Arcadia physicians accessed diagnostic information from medical devices without the knowledge of the facility's information technology (IT) department. When hospital administrators found out, they took action to safeguard its medical devices because they knew the next incident involving the access of patient data might not be so benign, according to an article on the Health Facilities Management website.
Methodist Hospital began implementing safeguards two years ago. It hired an outside firm to develop an integrated systems management (ISM) program, which greatly reduces vulnerability of its more than 6,000 medical devices to cyber-attack.
"Not many hospitals have put a concerted effort toward addressing the risks of cybersecurity of medical devices. The Methodist program sets a great example that other hospitals can follow and in a very organized and methodical way," Jim Keller, vice president, health technology evaluation and safety, ECRI Institute, said in the article.
The program includes performing a rigorous 57-question, risk-assessment inspection of each new and existing medical device at the hospital to determine how it stores, transmits and protects electronic patient information, according to the article. Another part of the risk-assessment involves interviewing the end user, whether it is a physician, nurse or other staff member, to see how he or she uses the device.
Read the article.
Designing for Dignity: Supporting the Needs of An Aging Population
Encompass Health and BSA Announce Joint Venture for Amarillo Hospital
Healthy Buildings, Healthy Futures: IWBI and Georgetown Convene Policy Leaders in D.C.
California Bill Could Shift Workers' Comp Burden for Hospitals
Sturdy Health Announces Emergency Department Expansion and Modernization