Medtech and health IT task force launches joint security plan

4 February 2019 14:55

The Medical Device and Health IT Joint Security Plan (JSP) has been unveiled to address challenges the healthcare industry faces when securing and protecting itself against cybersecurity incidents, both intentional and unintentional.

The plan was unveiled by a medical technology and health IT task force of medical device manufacturers, trade associations, FDA representatives and other health industry stakeholders – operating as part of the Healthcare Sector Coordinating Council (HSCC).

Zath Rothstein, AdvaMed vice president, technology and regulatory affairs, said: “AdvaMed congratulates the Healthcare Sector Coordinating Council on the release of the Joint Security Plan. The JSP provides a voluntary framework to assist medtech manufacturers, health IT vendors and others to continue to maintain the strongest cybersecurity practices for the benefit of patients everywhere, in a continuously evolving cybersecurity environment."

The JSP responds to and puts into effect recommendations and action items set forth in the June 2017 Health Care Industry Cybersecurity (HCIC) Task Force Report, which identified a need to increase the security and resilience of medical devices and health IT products.

It provides a voluntary framework that should be considered during the entire product lifecycle, and to assist medical device manufacturers and healthcare information technology vendors to incorporate strong cybersecurity into existing design control, quality systems and product release processes.

Rob Suarez, director of product security for BD, who served as industry co-chair for the working group that developed the JSP, said: “The collaborative approach on the JSP demonstrates the healthcare sector’s ongoing commitment to address cybersecurity challenges throughout the product lifecycle and across the healthcare delivery system. Developed in collaboration among the healthcare community – including medical device manufacturers, healthcare IT vendors, healthcare delivery organisations, related trade associations, independent security researchers and federal government representatives – the JSP is an important, foundational piece of the collective effort to help make medical devices and IT solutions more secure from potential hacking risks.”

Michael McNeil, global product security and services officer for Royal Philips and chair of MITA Cybersecurity Committee added: “MITA is encouraged by the engagement and collaboration among stakeholders and FDA to develop solutions for reducing medical device cybersecurity risks. As an increasingly important part of the modern health delivery infrastructure, it is important for medical device stakeholders to work together to share the responsibility of cybersecurity to ensure patient safety, privacy, and security.”

Related

Powering patient adherence with digital tools

On/Go for Good's Ron Gutman co-ordinates donations to Israeli citizens affected by terror attacks

Report reveals £9 million investment in the West Midlands

3M announces healthcare company to be named Solventum