NIST issues draft guidance on securing wireless infusion pumps

May 10, 2017 - 04:23 PM

The National Cybersecurity Center of Excellence, part of the National Institute of Standards and Technology, has released draft guidance to help health care organizations secure wireless infusion pumps. Developed in collaboration with the health care community and manufacturers, the guidance uses standards-based commercially available technologies and best practices to help organizations strengthen the security of their wireless infusion pumps, medical devices used to deliver fluids such as nutrients and medications to patients in controlled amounts. “[W]ith an increasing number of infusion pumps connecting to networks, the vulnerabilities and risk factors become more critical as they can expose the pump ecosystem to external attacks, compromises or interference,” the authors note. According to NIST, the publication includes guidance on how to manage assets, protect against threats and mitigate vulnerabilities by performing a questionnaire-based risk assessment. In addition, the security characteristics of wireless infusion pumps are mapped to currently available security standards and the Health Insurance Portability and Accountability Act Security Rule. NIST will accept comments on the draft guidance through July 7.

Related News Articles

Headline
Abbott updating pacemaker firmware to correct cybersecurity vulnerabilities
Abbott is updating the firmware for all St. Jude Medical radio frequency-enabled implantable pacemaker devices to address cybersecurity vulnerabilities that…
Headline
Organizations alerted to imaging, printer cyber vulnerabilities
Siemens has identified four vulnerabilities in molecular imaging products running Windows 7 that could allow an attacker to remotely execute arbitrary code,…
Headline
DHS issues update on federal efforts to strengthen cybersecurity
The Department of Homeland Security Friday released an initial update on efforts to strengthen the cybersecurity of federal networks and critical…
Headline
HHS issues update on ransomware attack
The Department of Health and Human Services yesterday issued an update on the new and evolving cyberattack using a variant of ransomware, which has hit…
Headline
Ransomware attack hits some U.S. hospitals
A new and evolving cyberattack using a variant of ransomware has hit some hospitals and a pharmaceutical company in the United States, as well as businesses in…
Headline
HHS issues alert on Microsoft cyber vulnerabilities, 'Hidden Cobra' threat
The Department of Health and Human Services last week alerted the health care sector to multiple vulnerabilities with Microsoft products and a threat by cyber…