The HSCA (Healthcare Supply Chain Association) issued cybersecurity and patient privacy guidelines for medical device makers and healthcare providers.According to its website, the HSCA is a trade association that represents healthcare GPOs (group purchasing organizations) across the United States, with the goal of advocating for fair procurement practices and education to improve efficiency in the purchase and sale of healthcare goods and services.
The HSCA new cybersecurity recommendations address four important areas: cybersecurity training and software, data encryption, risk coverage and equipment procurement criteria, and standards organizations and information sharing.The guideline included pointers for both healthcare organizations and medical device makers on how to spot red flags before doing business with a new vendor or organization. To safeguard patient data privacy, third-party providers must adhere to stringent cybersecurity rules.
Concerns about medical device security have been raised in the last year as a result of repeated vulnerability exposures that potentially jeopardize patient safety. Lacks of insight into how many devices are on a hospital’s network, as well as a significant number of old legacy equipment that cannot be patched, are barriers to attaining medical device security.