About

TechNation is the primary monthly magazine and ultimate resource guide for over 12,000 medical equipment service professionals. Its diverse editorial and information helps biomedical, HTM, imaging and I.T. professionals keep their finger on the pulse of the healthcare technology community, helping advance their careers and further their profession.

Cut, Coag, and Compliance: A Practical Guide to Electrosurgery Testing | April 29
TechNation.TV | HTM Jobs | Right to Repair | Advertise
Subscribe

BIOMED 101: The Second Phase of Medical Device Integration

6 Mins Read

By Anthony J. Coronado, MBA

Medical equipment has gone through different phases in the past 25 years with a focus on improving technology. This evolution from analog electronics to digital components has led to our current phase of integration. Having taken a position with Providence Health in Southern California, I have encountered an effective business model that can change our current phase of integration by combining the IT end user support department with clinical engineering. By leading both teams as one, Providence Health can change the approach of our collaboration with medical device manufacturers and establish what I am calling the Second Phase of Integration.

Integrating medical devices with the electronic medical record has provided benefits to caregivers throughout the world. It has increased efficiency and removed the possibility of human error. It has also developed new vulnerabilities that have changed the skill set of healthcare technology management (HTM) professionals. Essentially, this integration has evolved medical devices into a network that incorporates medical devices into an infrastructure. With this change, integration middleware is introduced, more connectivity service events are present, and cybersecurity is a new primary focus when it comes to patient safety. IT principals that have been established for years must be applied when possible and medical equipment management plans need to be adapted.

The integration and cybersecurity challenge for medical devices has always been the lack of standardization of the operating systems that medical equipment uses with its software. IT benefits from standardizing all the hardware and can easily apply change, configuration and patch management to devices. Backups and recovery techniques can also be easily applied and having all the data at one source allows for a well-maintained data center. The current state of medical devices is the exact opposite and new technology is constantly being developed making the challenge more difficult. To help with this challenge, medical device manufacturers are required to disclose their devices security and privacy characteristics to device owners in the form of a Manufacturer Disclosure Statement for Medical Device Security (MDS2). With this form, manufacturers provide the necessary details for HTM professionals to establish controls to reduce the risk from networked medical devices.

Every networked medical device leaving production and hitting the market is vulnerable. One of the new activities required by HTM professionals is to produce hardening guides to reduce risk. The establishment of VLAN and network segmentation activities are now a common practice within medical device management. IT security principles can be used when appropriate, but with the quantity of different medical devices, the challenge provides a continuum of complexities. Health care, medical device service and cybersecurity organizations have been establishing strategies and technical safeguards to develop means of reducing risk from integration for almost a decade. All the hard work has led to where the industry is now. It is our job to aid in evolving the current practices to a new phase.

This year, 2023, marks the 10-year anniversary of my winning submission for ECRI Institutes “Health Devices Achievement Award.” This award is a global competition that is presented each year to health care organizations that demonstrate outstanding initiatives that promote patient safety or facilitates better strategic management of healthcare technology. Past winners include Johns Hopkins Hospital, Penn Medicine’s Center of Healthcare, and last year’s winner McLaren Northern Michigan. My submission was on an Integration Systems Management program established by Renovo Solutions that was implemented at Methodist Hospital of Arcadia. Our submission, “Equipment Management for the Digital Age,” gave the framework for addressing integration vulnerabilities back in 2013. It allowed me to collaborate with the FDA and establish the first safeguards for medical devices and cybersecurity. Ten years later, more devices can be networked and integrated but the concept is still the same. The introduction of a Second Phase of Integration can assist with the challenge.

Providence Health’s business model of integrating end user support with clinical engineering has established a new strategy that enhances the technical integration concept developed years ago. By combining skill sets, knowledge can be shared that can strengthen medical device security protocols. Our IT infrastructure is established, and the goal is to utilize it to the best of our ability when it comes to medical equipment. Providence has started the discussion of not using medical equipment manufacturer hardware, which includes computers, servers and virtual servers. The goal is to load their software to our infrastructure. This will allow our health care organization to apply our security and integration protocols, which allows us to have the complete management of the risk. This is what I am labeling the Second Phase of Integration.

By combining the two departments into one, the Second Phase of Integration can thrive with the proper coordination. As more vendor software is installed on medical center PCs/servers, hardware refresh activities can be managed jointly to make sure the vendor’s software is compatible with new versions of operating systems. Backups can be scheduled and managed more proficiently. Automatic patches, corrections and changes can be deployed. After each automatic push, a plan can be developed to validate the success by the clinical engineering team. IT security access can be shared between the two departments which will make integration more efficient, and equipment can be deployed quicker. This business model takes the First Phase of Integration and expands its capabilities to meet the challenges of medical device vulnerabilities in a live environment.

To make true change and progress in the HTM industry requires the sharing of “Best Practices.” The continual integration of IT with Clinical Engineering can combine “Best Practices” and opportunities to share information. The time has come to invite IT professionals to Clinical Engineering Associations throughout the country. If the Second Phase of Integration is embraced and enforced, health care organizations can put more power in the hands and minds of their technical employees. With this new skill set, well-rounded effective integration plans can be established. The cyber threat is real, and any healthcare organization can be the next target. Our job as HTM professionals is to develop new phases of integration to meet the vulnerabilities associated with technology and do our part of promoting a safe environment.  

Anthony J. Coronado, MBA, is the Director of Clinical Technology Services SoCal LA Coast for Providence | Shared Services.

Biomed 101 Nomination

  • Write a Biomed 101

    Share your knowledge and insights with a Biomed 101 article. This is an article written by biomeds for biomeds. It can cover something basic or one of the latest trends in HTM. The article should be 600 to 1,000 words. Please include a headshot photo of yourself for use with the article. Email your submission to Editor John Wallace at Editor@MDPublishing.com or fill out the form below.
  • Max. file size: 2 GB.
  • Max. file size: 2 GB.

Share.

Related Posts

Add A Comment

Leave A Reply

X