Managing the Risk for Medical Devices Connected to the Cloud by CSA
こんにちは、丸山満彦です。
Cloud Security AllianceがManaging the Risk for Medical Devices Connected to the Cloudを公開していますね。。。
・2020.03.16 Managing the Risk for Medical Devices Connected to the Cloud
With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in the past. The new breed of connected medical devices brings the promise of improved patient care, better clinical data, improved efficiency, and reduced costs; however, they also bring increased security risks. The goal of this paper is to present the concept of managing medical devices based on their proximity to the patient and introduce practices to secure the use of cloud computing for medical devices.
目次です。
Table of Contents Introduction
Medical Device Security Life Cycle
Pre-Purchase
Post Purchase/Pre-Deployment
Network
Web Application Interface
Wireless Communications
Secure Communication Channels
Deployment/Operations Management
Devices with Zero Degrees of Separation
Devices with One Degree of Separation
Devices with Two Degrees of Separation
Devices with Three Degrees of Separation
Devices with Four Degrees of Separation
Decommission/Disposal
Recommendations and Conclusion
Recommendations
Conclusion/Need for Further Studies
References
=====
分離の程度です。。。
Degrees of Separation | Definition | Device Support Responsibility |
0degrees | The device is implanted in the patient. | Vendor and/or Physician or Medical Staff |
1degree | The device touches the patient. | Vendor or Clinical Engineering |
2degrees | The device does not touch the patient, but it is taking measurements of patient vital signs, fluids, or data. | Vendor or Clinical Engineering |
3degrees | The device does not touch the patient, but it may be doing something still vital to proper patient diagnosis. | Vendor or Clinical Engineering |
4degrees | The device is removed from the patient and is an operational tool more than a diagnostic or clinical device. | Vendor or IT |
« US、UKのテレワークガイダンス | Main | NIST ITL Bulletin Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions »
Comments