Security Requirements & Medical Device Network Connectivity

Health IT and Electronic Health Activate your FREE membership today | Log-in

Home > IT Answers > Security Requirements & Medical Device Network Connectivity

MedicalDeviceDataSecurity

5 pts.

Security Requirements & Medical Device Network Connectivity

Medical Device Data Security, Medical Device Network Closets

Are there regulatory requirements for medical device data connectivity, and their dedicated networks? Do they affect physical attributes of their network closets?

Software/Hardware used:
GE Patient Monitoring System, physiological monitoring

ASKED: January 16, 2012 4:47 PM

UPDATED: June 11, 2012 5:27 pm

RELATED QUESTIONS

Answer Wiki:

Yes, 1) Physical atributes: According to HIPAA Security Rule you must have: "implemented policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft?" Thus making sure the network closet is closed and locked, restricting access to anyone that does not belong in there. 2) Network devices: You must have "Audit Controls, hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use EPHI?" So because your monitoring systems use the network to transfer medical data, you are required to keep track of the activity happening on your modems, routers, switches etc. 3) Transmission of the information: As far as the transmission of the data over your network, you need to monitor your EPHI to make sure no one improperly makes any changes or deletes anything without anyone else noticing. You also must encrypt the data that gets transmitted where "appropriate" The Transmission of the information is classified as "Addressable" in the Security Rule, but that basically means "Required if it applies to you"

Yes,

1) Physical atributes:
According to HIPAA Security Rule you must have: "implemented policies and procedures to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft?" 
Thus making sure the network closet is closed and locked, restricting access to anyone that does not belong in there.

2) Network devices:
You must have "Audit Controls, hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use EPHI?"
So because your monitoring systems use the network to transfer medical data,
you are required to keep track of the activity happening on your modems, routers, switches etc.

3) Transmission of the information:
As far as the transmission of the data over your network, you need to monitor your EPHI to make sure no one improperly makes any changes or deletes anything without anyone else noticing.
You also must encrypt the data that gets transmitted where "appropriate"

The Transmission of the information is classified as "Addressable" in the Security Rule, but that basically means "Required if it applies to you"

Last Wiki Answer Submitted: June 11, 2012 5:27 pm by Ejmonteiro

15 pts.

All Answer Wiki Contributors: Ejmonteiro

15 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget publishes media for information technology professionals. More than 100 focused websites enable quick access to a deep store of news, advice and analysis about the technologies, products and processes crucial to your job. Our live and virtual events give you direct access to independent expert commentary and advice. At the Health IT Exchange, the online community and dedicated networking portal of SearchHealthIT.com, you can share solutions with health IT peers and get mission critical advice from industry experts. Ask questions, get answers and begin connecting with your colleagues today.

TechTarget Corporate Web Site | Media Kits | Site Map

TechTarget - The IT Media ROI Experts

Ask a Question

Browse IT Answers by Topic