5 ways to improve healthcare cybersecurity

How can we help you?

Contact information

* This field is mandatory

Country

First name*

First name (phonetic)

Last name*

Last name (phonetic)

Salutation

Academic title

Email address*

Business phone

Company*

Job title

Industry

Function

Specialty

Department

State or Province

City

Address

Zip or Postal Code

By specifying your reason for contact we will be able to provide you with a better service.

We work with partners and distributors who may contact you about this Philips product on our behalf.

Follow up information

Preferred method of contact

Best time to call

Estimated time of purchase

Comments

I hereby consent to processing of my personal data and sensitive personal data (if any) and transfer of such data abroad, in accordance with the Privacy Notice that can be found here.

What is cross border data transfer?

I agree on cross-border transfer of personal information.

I hereby agree to receive by email or telephone information about Philips products, services, events and promotions, including information by mail that is appropriate to me, taking into account my activities and preferences, including the Expectations I have indicated / and in this form.

I agree that Philips may share my personal information with authorized resellers of its Philips products and equipment in order to meet my expectations as stated in this form.

I would like to receive marketing related electronic communications about Philips products, services, events and promotions that may be relevant to me based on my user preferences and behavior. I can revoke my consent at any time.

Final CEE consent

Home › Our Approach › Perspectives › 5 ways to improve healthcare cybersecurity

Today’s world of connected care is fast becoming the foundation for a healthier society. Yet sophisticated, persistent cyberattacks threaten to compromise this effort. You can help prevent such threats by establishing a strong cybersecurity program – starting with these 5 actions.

A balancing act

Healthcare providers and patients need assurance that the technology they interact with on a daily basis is as secure as possible. Demands from customers and patients for accurate and accessible data must be balanced with stringent requirements for the security of that data. Governments and industry regulators take this matter very seriously and continue to address cyber-threats with rigorous legislation and regulation that also accommodates data sharing.

See our global policy addressing the evolving nature of security in medical technology.

Go to product security site

Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access¹.

Government entities push to set strict security standards

The DoD, VA, FDA and other key influencers are requesting that new products and services be engineered to withstand serious cyber threats. Strict standards must be developed and deployed ubiquitously across all systems. This requires an unwavering attention to risk assessment, and adherence to security-based product development protocols and testing.

Here are 5 actions to consider when coordinating an approach to this challenge:

1. Build security into your product lifecycle

As you build your systems take a look at critical checkpoints, testing and harmonizing protection aspects each step of the way –build security into your products from the ground up. At Philips, we make certain our new systems meet expectations of today and are prepared for future upgradeability.

2. Include 3rd party software in your security plans

Companies reliant on the integration of 3rd party software open themselves to hidden risks posed by programming code that is not their own. To prepare for upcoming potential federal legislation on this topic, we are working to create a software Bill of Materials (BOM) for every product. This is critical in identifying and describing open source and 3rd party software components and allowing organizations to quickly respond to possible security vulnerabilities/breaches.

3. Establish a formal process for dealing with security incidents

It is important to handle all security incidents with a sense of urgency and sensitivity. Transparency is key. For example, our formal incident response management process includes documenting all communication, opening a corrective action program, developing a solution, and authoring an incident report.

4. Develop a robust Responsible Disclosure policy

Development of a Responsible Disclosure policy reassures customers that proper effort will be made to repair any vulnerabilities and prevent future damage. To ensure we are pulling in objective and real-time feedback, we collaborate proactively with the ‘ethical hacker’ research community to maintain a coordinated Responsible Disclosure process. This process provides additional input for Philips to manage potential vulnerabilities identified in products and solutions.

5. Form an accountable Product Cybersecurity team

Put together a team dedicated to product security. Their priority must always be to mitigate any situation by hypothesizing worse case scenarios before they happen and developing solutions and workarounds. Our Security Center of Excellence (SCoE) helps us manage these vulnerabilities. The Philips Product Security Incident Response Team evaluates potential security incidents and discovered vulnerabilities and develops response plans as necessary.

Connect with a Philips government account representative.

Connect with sales

Subscribe today to stay-up to date on healthcare transformation.

Subscribe now

Share on social media

More related news

Benefits of telehealth
Click here to learn more
Help for veterans with PTSD and mTBI
Click here to learn more
A blood test for concussions?
Click here to learn more

Become a proactive cybersecurity leader

Patient safety in today’s connected care environment is a task we all take very seriously. As we all evolve our cybersecurity programs, transparency, accountability and responsiveness must be priorities we continue to maintain.

Converting areas of potential concern into knowledge-sharing engagement opportunities can help refine critical thinking and lead to the development of solutions that enable regulatory compliance.

That’s why we’ve entered into ongoing productive dialogue with leaders in the cybersecurity ecosystem – customers, regulators, standards development organizations, industry groups, and security researchers, among others.

And we look forward to working with you, as well.

Best practice: Responsible Disclosure Policy

‘Responsible disclosure’ is a computer security term describing a vulnerability disclosure model². Recognizing this need as part of our product security policy, Philips became one of only two major medical device manufacturers to design and implement a Responsible Disclosure Policy. Our policy has been singled out as a ‘best practice’ by industry stakeholders. Following the guidelines detailed in the Responsible Disclosure Policy, there is a certain timeline for us to respond to suspected vulnerabilities. Confirmed vulnerabilities result in a direct report into government agencies such as DHS (ICS-CERT program) and are then communicated through the press to the public.

¹http://whatis.techtarget.com/definition/cybersecurity

² https://en.wikipedia.org/wiki/Responsible_disclosure

5 ways to improve healthcare cybersecurity

Contact information

Stay up-to-date and subscribe.

Join your peers, sign-up to stay informed and receive insights into healthcare innovations, straight to your inbox.

Contact information

Contact details

Company details

Home › Our Approach › Perspectives › 5 ways to improve healthcare cybersecurity

A balancing act

Government entities push to set strict security standards

More related news

Benefits of telehealth

Help for veterans with PTSD and mTBI

A blood test for concussions?

Become a proactive cybersecurity leader

Best practice: Responsible Disclosure Policy