Washington, DC (December 21, 2021) – The Healthcare Supply Chain Association (HSCA), which represents the nation's leading healthcare group purchasing organizations (GPOs), today released key cybersecurity considerations for medical device manufacturers, healthcare delivery organizations, and service providers to help safeguard patient health, safety, and privacy. In conjunction with the release of the key considerations, HSCA also published "Recommendations for Medical Device Cybersecurity Terms and Conditions," which details potential purchasing contract terms and conditions that could help ensure rapid adoption of rigorous cybersecurity measures.
"The widespread adoption of telemedicine and rapid shift to virtual operations during the COVID-19 pandemic has underscored the important role that information technology, software, and medical devices can play in improving patient care. However, as evidenced by recent cyberattacks, medical devices and services are vulnerable to cybersecurity threats that could jeopardize patient health, safety, and privacy," said HSCA President and CEO Todd Ebert, R. Ph. "GPOs leverage their unique line of sight over the supply chain to help providers harness the benefits of technology to care for their patients while guarding against cyber threats."
HSCA's cybersecurity measures include the following categories of considerations:
Ad Statistics
Times Displayed: 348574
Times Visited: 21068 MIT labs, experts in Multi-Vendor component level repair of: MRI Coils, RF amplifiers, Gradient Amplifiers Contrast Media Injectors. System repairs, sub-assembly repairs, component level repairs, refurbish/calibrate. info@mitlabsusa.com/+1 (305) 470-8013
Cybersecurity Training and Software: Includes designating an information technology security officer, maintaining updated anti-virus software, and implementing role-appropriate cyber training and assessments;
Equipment Acquisition Standards and Risk Coverage: Includes ensuring compliance with regulatory standards for purchasing medical devices and updating legacy devices, providing insurance policies to cover cybersecurity risks, and validating devices by testing manufacturer claims;
Data Encryption: Includes encrypting personal authentication data as well as any confidential or sensitive information when practical;
Information Sharing & Standards Organizations: Includes participating in Information Sharing and Analysis Organizations (ISAOs), certifying that suppliers of network-accessible medical devices, software and services are compliant with current FDA guidance documents, and ensuring that manufacturers provide a Manufacturer Disclosure Statement for Medical Device Security;
