Table 14. Example Cybersecurity Policies for Consideration

from Cybersecurity Practices for Health Care Organizations~ RJ BLANCHARD BENEFIT SERVICES

Cybersecurity Practice #9: Medical Device Security

 Number of medical devices that do not conform to basic endpoint protection cybersecurity practices, trended over time. The goal is to reduce the number of medical devices that do not meet basic hygiene management practices or to implement practices for these devices. It is not always possible to reduce this number to zero. Mitigating factors should be employed to keep it as low as possible.  Number of devices that have unknown risks due to lack of manufacturer-disclosed information, trended over time. The goal is to ensure that device manufacturers have vulnerability disclosure programs and that your organization is privy to them.

Table 14. Example Cybersecurity Policies for Consideration

Next Article

Cybersecurity Practice #9: Medical Device Security

More articles from this publication:

Cybersecurity Practice #9: Medical Device Security

Table 12. Timeframes for Resolving Medical Device Vulnerabilities

Table 11. Roles and Responsibilities for an Organizational CIRT

Table 9. Factors for Consideration in Penetration Test Planning

Cybersecurity Practice #6: Network Management

Cybersecurity Practice #8: Security Operations Center and Incident Response

Appendix B: References

Table 13. Incident Response Plays for Attacks Against Medical Devices

Table 15. Acronyms and Abbreviations

This article is from:

Cybersecurity Practices for Health Care Organizations~ RJ BLANCHARD BENEFIT SERVICES