120 likes | 278 Views
Managing Wireless Medical Device Security Challenges in Today's Enterprise HealthCare. Neil Buckley AMA-IEEE Conference March 22, 2010. Partners HealthCare System.
E N D
Managing Wireless Medical Device Security Challenges in Today's Enterprise HealthCare Neil Buckley AMA-IEEE Conference March 22, 2010
Partners HealthCare System Partners HealthCare was founded in 1994 by Brigham and Women's Hospital and Massachusetts General Hospital. Partners is an integrated health care system that offers patients a continuum of coordinated high-quality care. The system includes primary care and specialty physicians, community hospitals, the two founding academic medical centers, specialty facilities, community health centers, and other health-related entities. Partners HealthCare is a non-profit organization.
Partners HealthCare System • Mission • Deliver high quality, safe and cost effective patient care • Conduct leading edge biomedical research • Educate the next generation of health care providers • Overview • $7.9B in revenues (FY10) • Eleven hospitals • 140 care locations • 6,300 physicians • 2.9M outpatient visits • 149,000 inpatient admissions • $1B biomedical research (FY10)
Wireless Infrastructure • Wireless Access Point • Core enterprise architecture • Wireless Client Device • Device that supports wireless communication • Multiple wireless protocol solutions • WiFi with Bluetooth • Complex wireless authentication schemes
Security Architecture Influence • Clinician • Business owner • Medical device or software manufacturer • Federal and local government • Internal and external auditor • Information technology industry • Information technology team
Wireless Security Challenge • Evolution • Rapidly evolving markets • Rapidly evolving technology standard • Attractive modalities • Automation revolution • Strategic vs. tactical risk mitigation • Technology acquisition model
Clinician Requirements • Low risk (do no harm) • Extensive mobility • Ease of use • Universal access • Fast • Available • Reliable
Technology Requirements • Medical Technology Manufacturer • Have limited enterprise integration capabilities • Have solution requirements that differ drastically • Information Technology Manufacturer • Have solution requirements that change rapidly • Have solution requirements for common devices • Information Technology Teams • Have infrastructure SLA requirements • Have chosen platform requirements
Governance Requirements • HIPAA • HITECH Act • FDA • FAA • JCAHO • NIH • Federal and State Law • PCI DSS • Record retention • GLP 21CFR58 • Meaningful Use • NIST, ISO, ITIL, and ATNA • Etc.
Wireless Use Case • “Smartpump” Technology • Improves patient safety • Improves quality controls • Improves ongoing maintenance • Improves clinical workflow • Impacted technology areas • Wireless 802.11 infrastructure • Clinical platform risk factor • Support roles and responsibilities
Problem Solving for X • X is the future of HealthCare Information Technology • Future challenges • Infrastructure must be reasonably priced, portable, and leverage existing support models • Infrastructure must be reliable, scalable, safe, and secure • Consolidate governing bodies and standards • Ubiquitous assistance and align incentives
Thank You Neil Buckley Enterprise Information Security Architect Partners HealthCare System nwbuckley@partners.org 1.617.726.0570