Medical Device & IoT Security
How Cyber Risks are Transforming Medical Device Management for HDOs
Standards facilitate commerce. They always have. Yet, despite how much attention IoT cybersecurity has gotten in recent years, the lack of a standards-driven path to best practices is hampering the ability of HDOs to effectively manage risks for medical and IoT devices. Learn how Meditology and Medigate are working toward a trusted, standards-driven approach to securing the Extended Internet of Things (XIoT) including medical devices.
Presented at HIMSS22 by Jonathan Elmer, ITRM Manager & Medical Device Security Architect at Meditology Services and Tom Finn, Market Development Director at Medigate
Our Approach Delivers Results in Quantifiable Risk Reduction
Meditology has over a decade of experience in assessing and building IoT & medical device security programs for leading health systems across the country. Our approach delivers results in quantifiable risk reduction associated with vulnerable medical device and IoT assets.
Meditology has a proven track record of developing medical device security programs that orchestrate the disparate people, processes, and specialized security technologies required to effectively track and manage risk for medical device assets. We provide a realistic, attainable, and actionable model fine-tuned over multiple years of deployment in leading health systems.
We have been actively involved in shaping the healthcare industry’s approach to securing these life-saving devices by maintaining relationships with regulators and standards entities including the FDA, MDISS, HIMSS, HITRUST®, and others.
Our approach is informed by our work with the federal government (ONC) conducting landscape analyses of ethical hacking and medical device security. We also maintain partnerships with leading medical device manufacturers and IoMT security solutions.
Why Meditology
HIPAA expert witness firm for OCR
Experienced CISOs and Privacy Officers
Dedicated to healthcare
Hundreds of clients coast to coast
Advisors to ONC / HHS
Related Resources
Blog Post
Customer Success Stories
We don’t have a med device program and for us to build it in the short time Meditology did would be impossible, and we don’t have the expertise or bandwidth.
Laid the foundation, know where our gaps are, have a non-bias deliverable to give to Execs to get money and funding to fully build program like this. I rate it a 5/5 and for the record, I am not an easy grader.
Security Analyst
Large Award-winning Physician-led Healthcare System
They were unfailingly professional throughout the information gathering and data gathering processes, kept to their timeline and verified the results that they found. The reports produced were accurate and easy to understand, with appropriate benchmarking to other health care organizations and the security industry as a whole. Most importantly, they provided concrete and achievable suggestions to help mitigate the risks identified.
Barbara Anson
CISO, Baptist Memorial Health Care Corporation of Memphis, TN
The Med Device Security Assessment service was very valuable: 5 out of 5 rating.
We’ve been trying to get a foothold, traction, and focus on our BioMed security program and this was the way to kick-start it, to do it. The Assessment has a lot of good information in it and is outlined in a way that makes it understandable to Executive Team and to senior leadership. We are using the Final Report to form an action plan to address high-risk findings and to move our program forward.