The National Cybersecurity Center of Excellence, part of the National Institute of Standards and Technology, has released draft guidance to help health care organizations secure wireless infusion pumps. Developed in collaboration with the health care community and manufacturers, the guidance uses standards-based commercially available technologies and best practices to help organizations strengthen the security of their wireless infusion pumps, medical devices used to deliver fluids such as nutrients and medications to patients in controlled amounts. “[W]ith an increasing number of infusion pumps connecting to networks, the vulnerabilities and risk factors become more critical as they can expose the pump ecosystem to external attacks, compromises or interference,” the authors note. According to NIST, the publication includes guidance on how to manage assets, protect against threats and mitigate vulnerabilities by performing a questionnaire-based risk assessment. In addition, the security characteristics of wireless infusion pumps are mapped to currently available security standards and the Health Insurance Portability and Accountability Act Security Rule. NIST will accept comments on the draft guidance through July 7.