IRVING, Texas – Health care performance improvement company Vizient has formed a task rorce to minimize the risk and cost of medical device cybersecurity by creating standard practices for the health care industry.
The work of the Medical Device Cybersecurity Task Force will augment the U.S. Food & Drug Administration’s Medical Device Action Plan, which was released earlier this month. It will assess the overall maturity level of cybersecurity for medical devices and identify areas to improve, as well as focus on sourcing enhancements, standards, governance and information sharing best practices to reduce exposure to risk.
“Vizient is excited to step up and provide leadership in the area of medical device cybersecurity by facilitating collaboration between key stakeholders for the benefit of the entire industry,” said Ross Carevic, director, technology sourcing operations at Vizient, in a statement. “The goal is to help reduce cybersecurity risks and the cost of assessing risk.”
The task force will initially work on a multi-phase roadmap that will help advance the cybersecurity maturity posture of the entire health care industry, Carevic said.
The Medical Device Cybersecurity Task Force includes information security leaders from 25 member health systems. It will also engage device manufacturers, suppliers, cybersecurity consultants, government and industry experts. The task force will be assessing the overall maturity level of cybersecurity for medical devices and identify areas to improve. It will also focus on sourcing enhancements, standards, governance and information sharing best practices to reduce exposure to risk.
“We are viewing this from an entire industry perspective, not just for Vizient members and suppliers,” said Carevic. “Wherever possible, we intend to make key deliverables publically available, which will help suppliers and providers prioritize their remediation plans for older medical devices and ensure appropriate safeguards are included in new devices for the benefit of all patients.”