« US、UKのテレワークガイダンス | Main | NIST ITL Bulletin Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions »

2020.03.19

Managing the Risk for Medical Devices Connected to the Cloud by CSA

こんにちは、丸山満彦です。

Cloud Security AllianceがManaging the Risk for Medical Devices Connected to the Cloudを公開していますね。。。

Cloud Security Alliance

・2020.03.16 Managing the Risk for Medical Devices Connected to the Cloud

With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in the past. The new breed of connected medical devices brings the promise of improved patient care, better clinical data, improved efficiency, and reduced costs; however, they also bring increased security risks. The goal of this paper is to present the concept of managing medical devices based on their proximity to the patient and introduce practices to secure the use of cloud computing for medical devices.

 

目次です。

Table of Contents Introduction

Medical Device Security Life Cycle

Pre-Purchase

Post Purchase/Pre-Deployment

Network
Web Application Interface
Wireless Communications
Secure Communication Channels

Deployment/Operations Management

Devices with Zero Degrees of Separation
Devices with One Degree of Separation
Devices with Two Degrees of Separation
Devices with Three Degrees of Separation
Devices with Four Degrees of Separation

Decommission/Disposal

Recommendations and Conclusion

Recommendations

Conclusion/Need for Further Studies

References

 

=====

分離の程度です。。。

 

Degrees of Separation Definition Device Support Responsibility
0degrees The device is implanted in the patient. Vendor and/or Physician or Medical Staff
1degree  The device touches the patient. Vendor or Clinical Engineering
2degrees The device does not touch the patient, but it is taking measurements of patient vital signs, fluids, or data. Vendor or Clinical Engineering
3degrees The device does not touch the patient, but it may be doing something still vital to proper patient diagnosis. Vendor or Clinical Engineering
4degrees The device is removed from the patient and is an operational tool more than a diagnostic or clinical device. Vendor or IT

 

|

« US、UKのテレワークガイダンス | Main | NIST ITL Bulletin Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions »

Comments

Post a comment



(Not displayed with comment.)


Comments are moderated, and will not appear on this weblog until the author has approved them.



« US、UKのテレワークガイダンス | Main | NIST ITL Bulletin Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions »