A seven-step guide to managing and securing connected medical devices across healthcare delivery organizations.

By Chris Riha, MS, CCE, CISSP; Douglas Martin, MS, TOGAF Enterprise Architecture Leader, PMI-ACP; Stephen Haupt, MBA, MSEET, PMP

As medical technologies evolve, healthcare providers increasingly rely on interconnected devices for diagnosis, treatment, and care delivery. Securing the information stored and transmitted by medical devices and medical device systems is quintessential to a healthcare delivery organization (HDO) maintaining its cybersecurity hygiene to protect the privacy and security of health records, which is required by HIPAA and GDPR.

Additionally, with the prevalence of ransomware attacks, ensuring the availability of these systems and the associated data is a critical element for patient safety. Efficient management of these devices also depends on collaboration across departments.

This seven-step playbook offers guidance on the efficient management and seamless integration of connected medical devices in an HDO’s domain.

Laying the Groundwork: Cross-Department Collaboration

Breaking down silos between biomedical engineering, IT, and clinical departments is crucial for effective device management.

Successful hospitals implement:

  • Clear protocols outlining each department’s responsibilities for network support, patch management, operating system updates, backup/restore ownership, and anti-virus software management of both medical and non-medical devices.
  • Defined procedures for handling different types of network failures.
  • Regular communication channels between departments to prevent accidental network disruptions, as well as ensuring all stakeholders are aware of configuration or architectural changes, which should be managed through a structured and collaborative change management process.
  • Dedicated hotlines to route issues to the appropriate team based on the specific problem.

Step 1: Device Inventory and Network Architecture

Create an accurate inventory. Keeping track of connected medical devices is vital for efficient network management. Ensure there is a detailed inventory listing for each device, including its IP address, serial number, vendor details, software versions, and department location.

Additionally, having the software bill of materials is beneficial as it provides a library of all known software products that reside on the HDO’s network. As HDOs are required to maintain an inventory of all their medical devices and their service history, adding fields in the computerized maintenance management system to capture this information is not that onerous and provides an easily searchable database when new vulnerabilities are announced.

Streamline network architecture. Optimize the network architecture by segmenting the network into smaller, manageable subnets, allowing improved monitoring, control, and security for each connected medical device. See Best Practices for Managing Patient Monitoring Networks across the IT and Biomedical Departments and A Reference Architecture’s Value for Enhancing Healthcare Delivery Organization Cybersecurity for reference architecture for accomplishing this objective of micro-segmentation of clinical systems and best practices for patient monitoring networks.

Step 2: Robust Security Measures

Implement access control measures for connected devices, such as two-factor authentication and role-based access control. This helps ensure only authorized personnel can access, configure, or operate the connected medical devices. While two-factor authentication for logging into critical clinical systems during emergent procedures may be perceived to potentially create delays in providing care, the use of biometrics can mitigate that concern. Although fingerprint scans and facial recognition may be limited due to clinical staff wearing personal protective equipment, ie, gloves and facemasks.

Use encryption and firewalls. Use encryption for data transmission between medical devices and the hospital network. Deploy firewalls to prevent unauthorized access to the network and filter network traffic to maintain security.

Leverage zero-trust architecture security configurations for accessing clinical systems enhances the security posture of an organization. The National Institute of Standards and Technology offers details on how to implement Zero-Trust Architecture.

Connect to outside entities. With the growth of both AI-based systems and home health connections, the requirement for HDOs to connect to networks outside their domains has increased. Security risks for these connections can be mitigated by requiring VPNs for these connections. The National Institute of Standards and Technology’s Cybersecurity Center of Excellence offers a resource for managing and securing telehealth and home health connections.

Step 3: Device Configuration and Maintenance

Establish standardized configuration settings for each device type and vendor. Additionally, color coding of cabling to differentiate clinical systems from other systems is a best practice that is easily implemented. This simplifies device management, reduces the risks of misconfiguration, and enhances the overall network performance.

Schedule maintenance and updates. Regularly update connected medical devices to ensure they have the latest security patches and software versions. Schedule preventive maintenance and routine system checks to improve reliability and address potential issues early.

Step 4: Network Monitoring and Analytics

Use real-time monitoring tools to track device performance, network traffic, and user activity. Security Information and Event Management systems are one tool that can be contracted through third-party vendors. These tools help identify irregularities, device malfunctions, or suspicious activities, allowing prompt remediation. Care needs to be exercised when configuring surveillance of real-time physiological monitoring systems to avoid creating any delays in transmitting data.

Use predictive analytics and reporting. Analyze network data and generate reports on device utilization, performance trends, and potential risks. Predictive analytics can help optimize resource allocation, anticipate device failures, and make informed decisions on upgrading or replacing medical devices.

Step 5: Evaluating and Implementing New Technology

Review proposed new technology. Having a defined review process for proposed new medical devices or connected medical device systems is an essential step to ensure that a timely and accurate assessment of adding these new nodes to an HDO’s network can affect the cybersecurity posture. Vendors that adhere to standards such as ANSI/AAMI/UL2800, or IEEE/UL2621 for medical devices and IEEE/UL2933 TIPPSS for Clinical Internet of Things devices should be prioritized as they have performed due diligence to attest to the cybersecurity of their systems.

There are third-party vendors, like CORL Technologies and Censinet, that provide this type of assessment and are available as partners to assist an organization. Many medical device vendors provide a Manufacturers Disclosure Statement for Medical Devices Security for their products, which are based on NIST 800-53 and have a standardized format as defined by the ANSI/NEMA HN 1-2019 standard.

Integrate with intent. In addition to the cybersecurity of medical devices and medical device systems, the ability to integrate them and turn the data from them into actionable clinical knowledge is imperative. The IEEE 11073 family of standards is a valuable resource to reference to help ensure “plug and play” implementations.

Step 6: Training and Education

Ensure all staff understand their role in maintaining device security as human firewalls:

  • Provide clear user guides for managing device security, including network configurations and patch instructions.
  • Train healthcare IT teams to implement the best practices such as network segmentation.
  • Develop response protocols for cyber incidents and ensure all relevant staff are familiar with them.
  • Conduct regular security awareness training for all staff who interact with connected medical devices.

By implementing these strategies, hospitals can enhance the security and reliability of their connected medical device networks, ultimately improving patient care while protecting sensitive data and critical infrastructure.

Step 7: Incident Response and Contingency Planning

Establish an incident response plan. Develop a comprehensive incident response plan to address potential device malfunctions, cyberattacks, or network failures. Outline procedures to quickly detect, investigate, and respond to incidents, minimizing the impact on patient care and hospital operations. Processes such as Business Impact Assessments can be adapted to Clinical Impact Assessments (CIA). NIST has the NIST 800-34 Guideline for Contingency Planning for Federal Information Systems that has helpful hints for HDO’s in creating CIAs, as well as Disaster Recovery and Business Continuity plans.

Contingency planning for critical systems. Identify mission-critical medical devices and develop a contingency plan in case of prolonged device or network downtime. Ensure backup systems and manual processes are in place to continue providing essential patient care during outages.

Tabletop exercises provide scenarios for response planning for realistic occurrences where critical medical systems are unavailable. These exercises offer an opportunity to talk through contingency plans in a controlled and thoughtful manner, providing the HDO experience in addressing crisis scenarios. A value-added component of tabletop exercises is that they can uncover unexpected dependencies on either other systems impacted by outages or supply chain problems that can be proactively mitigated.

Building a Safer, Smarter Device Network

Efficiently managing connected medical devices in a hospital network requires a strategic approach to inventory management, security, configuration, and monitoring. Having an effective and efficient manner for reviewing and analyzing cybersecurity hygiene and interoperability. By following the guidelines outlined in this book, healthcare organizations can improve the safety, reliability, and performance of interconnected medical devices, ultimately leading to better patient outcomes and more efficient care delivery.

There are additional governmental resources available to healthcare delivery organizations such as CISA and SANS from the US government. The Canadian, UK, and Australian governments all have valuable resources for their healthcare providers.

Finally, the cost of implementing the technologies and processes in this playbook can be offset by reductions in cyber and/or business resumption insurance premiums.

About the authors: Chris Riha is a healthcare technology and cybersecurity consultant and principal at Chris Riha Consulting, where he is currently serving as security engineer for CereCore. He has over 40 years of experience leading clinical engineering and cybersecurity programs and holds multiple certifications, including CISSP, PMP, and CCE. Doug Martin is a senior solutions architect at Carilion Clinic with over 15 years of experience leading enterprise-level projects across clinical, technical, and administrative systems. He holds multiple project management and agile certifications and also works as a freelance writer and coach. Stephen D. Haupt is a healthcare IT executive with over 40 years of experience leading major technology initiatives at Centra Health and Carilion Clinic. He has overseen enterprise IT, clinical engineering, and infrastructure projects, and holds an MBA along with multiple professional certifications.

Authors’ Disclosure Statement: All authors state that they have no disclosures to declare for financial or other incentives from any organizations other than the organizations where they are currently employed.

ID 377636973 © Sinseeho | Dreamstime.com