UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

NEMA - ANSI/NEMA HN 1

Manufacturer Disclosure Statement for Medical Device Security

active, Most Current
Buy Now
Organization: NEMA
Publication Date: 1 January 2019
Status: active
Page Count: 39
scope:

Information provided on the MDS2 form is intended to assist professionals responsible for executing security risk assessments in their management of medical device security capabilities. The information on the MDS2 form may be inappropriate for other purposes.

The Role of Healthcare Delivery Organizations in the Security Management Process

The healthcare delivery organization has the ultimate responsibility for providing effective security management.

In order to effectively manage medical information security and comply with relevant regulations, healthcare delivery organizations must employ administrative, physical, and technical safeguards- many of which are extrinsic to the actual device.

For example, healthcare delivery organizations might include some of the following activities when developing their security management programs:

a. Determine the types of data stored/transmitted by the manufacturer's device.

b. Obtain a list of all security-related features incorporated on the manufacturer's device and document which features are desired and how they are to be configured.

c. Identify and document all devices and applications which will communicate with the manufacturer's device, including specific identification tags.

d. Document resilience and recovery plans that include the manufacturer's device.

The Role of Medical Device Manufacturers in the Security Management Process

The greatest impact manufacturers can have on medical device security is to incorporate technical safeguards (i.e., security features) in their devices to facilitate healthcare delivery organizations' efforts in maintaining effective security programs and meeting any relevant regulatory requirements and/or Standards. The medical device manufacturing industry is increasingly aware of the importance of having effective security functionality in their devices. Manufacturers are generally including such security-related requirements in the production of new devices based on healthcare delivery organization needs and requirements.

Device manufacturers can assist healthcare delivery organizations in their security management programs by offering information describing:

a. The type of data stored/transmitted by the manufacturer's device;

b. How data is stored/transmitted by the manufacturer's device;

c. Any security-related features incorporated in the manufacturer's device.

intended Use:

Use for which a product, process, or service is intended according to the specifications, instructions, and information provided by the manufacturer. (source: ISO 14971: 2007, Application of... View More

Document History

ANSI/NEMA HN 1
January 1, 2019
Manufacturer Disclosure Statement for Medical Device Security
Information provided on the MDS2 form is intended to assist professionals responsible for executing security risk assessments in their management of medical device security capabilities. The...
January 1, 2013
Manufacturer Disclosure Statement for Medical Device Security
Information provided on the MDS2 form is intended to assist professionals responsible for security risk assessment processes in their management of medical device security issues. The information on...

References

Advertisement