The Global Diagnostic Imaging Healthcare IT & Radiation Therapy Trade Association (DITTA) has published a new white paper on cybersecurity, providing medical technology manufacturers with a list of recommended best practices.
“We are proud to announce the release of this Paper, a truly international effort,” Nicole Denjoy, chair of DITTA, said in a prepared statement.
The white paper, available in full as a PDF here, notes numerous risks related to cybersecurity are present in the medical device manufacturing industry. Faulty cybersecurity preparedness could lead to shutdown of a manufacturing facility, loss in productivity, a dip in quality due to failed inspections, leaked customer or design information, products being infected by faulty or dangerous software and other significant problems.
The document focuses on seven principles that can help “raise a manufacturer’s level of cybersecurity sophistication”:
- Segmenting networks
- Understanding data types and flows
- Hardening devices
- Monitoring devices and systems
- User management
- Updating devices
- Providing a recovery plan/escalation process
For each of these principles, the white paper identifies potential threats and recommends certain actions to defend against those threats. Additional documentation is provided as necessary.
“This document is not meant to be all-inclusive, but rather a representative set of best practices that manufacturers can implement both in their manufacturing facility and engineering processes,” according to the white paper.