Adding Logical Maintenance to Health Care Physical Maintenance of Medical Devices
The InterMed Group has been at the forefront of healthcare technology management for nearly 30 years; our trailblazing work in medical device and medical equipment cybersecurity has equipped healthcare organizations to face today’s complex security challenges and better prepare for the future.
Given the current cyber climate in the healthcare industry, we are pleased to introduce a cohesive cybersecurity suite of services that cater to the rising demand for strong cyber protections within healthcare.
Healthcare technology management (HTM) is not what it used to be; during 2020 we all witnessed a monumental influx in network-based connections; it is no surprise that with the huge shift in how device and patient data is transferred and stored that there has been a dramatic increase in healthcare cybersecurity data breaches.
In fact, in less than a year, healthcare breaches in the United States alone jumped a dramatic 55.1% from 2019 to 2020, with approximately 91.2% resulting in theft of personal information; the average facility took approximately 236 days to recover from a breach.1
InterMed understands that with an increasing amount of healthcare technology being connected to or housing ePHI, there is a growing concern about cybersecurity vulnerabilities that are not, and cannot, be remedied by the majority of HTM providers.
“Our holistic approach to ‘cyber hygiene’ is developed to be paired with medical equipment and the unique staffing aspects of each facility, with minimal disruption during implementation,” says InterMed Cyber Security Officer and Vice President of Support Operations Scott Nudelman.
Why Patch Management is Not Enough
Most medical device cybersecurity services currently available on the market cover the very basics of healthcare technology; they can inventory systems, devices, and the equipment, identify the current problems or vulnerabilities of the network, and complete patch management. All of this is important to maintaining your cyber hygiene, but is this enough in today’s world? The answer is simple: no, it is not.
Patch management is the process of distributing and applying original equipment manufacturer (OEM) and third-party software (iOS and Windows) updates for medical devices. They are necessary to correct errors and vulnerabilities while providing a more secure healthcare network environment and maintaining certain regulatory compliance. Not all manufacturers are current on patches, or they do not release third-party patches fast enough or at all for older equipment. If a patch is not available, you’re still vulnerable; we work with your IT and security team to ensure other compensating controls are in place when patches are no longer available or not released by the OEM.
The InterMed Difference
We have all witnessed a huge influx in network communication and data transferring throughout the last 18 months. Traditional healthcare facility IT departments are not equipped to adapt to the shifting strategies of cyber attackers on medical devices; they lack clearly defined ownership and responsibility of managing alerts and/or patches.
InterMed’s offering within its healthcare technology management services provides a scalable and more complete solution that not only enhances their client’s physical maintenance but also transcends the concept of logical maintenance (cybersecurity).
This software-agnostic solution ventures beyond standard visibility software, adapting to threats on an ongoing basis taking into consideration organizational specifics and growth.
Cybersecurity has become a major heartache for many organizations. InterMed’s services have a measurable and immediate impact within healthcare. This initiative is a great lift for healthcare delivery organizations; the time and resources that go into recovering from breach physically, financially, and in some cases even emotionally, are sizeable yet in most cases avoidable.
“Here at InterMed, we understand that our solutions not only change our client’s business, but they also impact lives – which isn’t something we take lightly,” says Nudelman. “At the end of the day, patient safety is the top priority for everyone in healthcare; it’s our responsibility as healthcare professionals and leaders to ensure we exhaust all efforts possible to keep patients and the equipment they rely on safe.”
Protecting our Partners
InterMed’s program combines education, physical inventory assessment and integrated services for prevention, detection, containment and culmination of results.
Clinical Asset Defense Engineers (CADE) from InterMed are set in place to provide ongoing service that continues beyond the first engagement. Overlap with InterMed’s highly utilized JumpTeamsTM services will allow for rapid deployment and immediate boots-on-the-ground implementation. Hand-picked JumpTeamsTM technicians, InterMed’s professional biomedical and field service engineers, receive selected training and testing to support the future of the InterMed Group’s cybersecurity services, including but not limited to Security Plus and HCISPP certification.
“InterMed has grown significantly over the past few years, both in size and in the development of core services. InterMed has taken a leadership role in delivering integrated cyber solutions for our clients regardless of their size. We are eager to use these services in tandem with our key industry partners to provide quantifiable solutions for our clients,” concludes Nudelman.
To learn more about the InterMed Group and to inquire about enlisting their HTM services, including their cybersecurity offerings, visit www.intermed1.com or email info@intermed1.com.
References
1 Bitglass. Bitglass Healthcare Breach Report 2021 | Hacking and IT Incidents on the Rise. Bitglass, 2021. https://pages.bitglass.com/rs/418-ZAL-815/images/CDFY21Q1HealthcareBreachReport2021.pdf?aliId=eyJpIjoiOE54NGRRTkhCZDY3aUxGMiIsInQiOiJ0RTZ1QVZXbnFPUGRhZXhVbmhyMmVnPT0ifQ%253D%253D
