- Full-range exceet security portfolio supports medical networks providers and medical product manufacturers
- Protecting patients, fulfilling due diligence requirements, and reducing security risks
Independently of the fact that patient safety must take precedence at all times, the law requires operators of medical networks and manufacturers of medical products to exercise due diligence. In practice, however, it can be difficult to determine who actually bears chief responsibility for installing security safeguards. Operators of medical networks and manufacturers are therefore obliged to take measures that protect medical devices from manipulation and unauthorized access.
Single Source for Hardware, Software & Risk Management
Flexible and secure hardware and software solutions are indispensable when designing secure medical infrastructures. In term of hardware, special attention must be paid to device selection. exceet offers standards devices as well as custom components developed specifically to match client requirements.
Compliance aspects constitute another important component of the value chain. In response to the above-mentioned hacker attack, exceet Secure Solutions has published a White Paper that specifically addresses the relevant issues. In particular, the document examines the DIN standard EN 80001-1: For years, risk management based on this standard has been a market-proven means for operators of medical IT networks to boost level of protection against intentional and unintentional manipulations. At the same time, it ensures compliance with statutory due diligence obligations.
Benefits for Patients and Compliance Officers
As a first step, liability risks and damage to patients can be reduced just by implementing a number of simple organizational measures. exceet has successfully established such solutions, which can be realized without major effort or expense, for a variety of healthcare clients. exceet’s experts have wide-ranging competence regarding the relevant DIN norms and other standards and legal provisions applicable to the healthcare field. Building on this basis, they work with client IT and compliance managers to develop and implement tailor-made risk management schemes.
“Risk management is an ideal complement to hard- and software-based solutions that allow secure connectivity between medical devices”, says Christian Schmitz, managing director of exceet Secure Solutions. “We offer IT security consulting to support the wide range of individually customizable components that can be used to create a so-called trusted ecosystem. Our portfolio extends from devices for data transmission to sophisticated PKI (public key infrastructure) solutions and the development of large-scale networks for confidential communication.”
The current White Paper offers managers of hospitals and other medical institutions a short yet comprehensive overview of the requirements of DIN EN 80001-1-compliant risk management. It serves to provide an initial estimate of costs and can be ordered free of charge by email to info@exceet.ch.