Philips Azurion - 15 Security; 15.1 Customer Responsibilities; 15.1.1 Risks Related to Security

To Next Page

To Previous Page

15 Security

The f

ollowing secons provide informaon about important security consideraons for using the

system.

15.1 Customer Responsibilies

Philips Medical Systems recognizes that the security of its products is an important part of your facility's

in-depth security strategy. However, these benets can only be realized if you implement a

comprehensive, mul-layered strategy (including policies, processes, and technologies) to protect

informaon and systems from external and internal threats.

Following industry-standard pracce; your strategy should address physical security, operaonal

security, procedural security, risk management, security policies, and conngency planning. The

praccal implementaon of technical security elements varies by site and may employ a number of

technologies, including rewalls, virus-scanning soware, authencaon technologies, etc.

As with any computer-based system, protecon must be provided such that rewalls and/or other

security devices are in place between the medical system and any externally accessible systems.

The USA Veterans Administraon has developed a widely used Medical Device Isolaon Architecture

for this purpose. Such perimeter and network defenses are essenal elements in a comprehensive

medical device security strategy.

Addional security and privacy informaon can be found on the following website:

www.philips.com/productsecurity

15.1.1 Risks Related to Security

There are several risks related to security that should be assessed.

• The device is not intended as a long term storage device. Customers are advised to export a study

when the procedure ends to ensure availability of the related data. For more informaon, see

Exporng Data (page 147). The export funcon can be congured to occur automacally.

• To ensure condenality, integrity, and availability of the device and related data, the following

recommendaons are made:

– Implement network and physical access controls to limit the likelihood of compromise. For

more informaon, see Customer Responsibilies (page 266).

– Enable the security controls that are embedded into the device. For more informaon, see

System Administraon (page 229).

• It is recommended that the manufacturer's product security recommendaons are monitored on a

regular basis. For more informaon, see Malware Protecon (page 267).

The assessment should be repeated whenever changes are made to the network. These changes

include:

• Changes in the network conguraon

• Connecon of addional items to the network

• Disconnecon of items from the network

• Updates or upgrades to items that are connected to the network

Security Customer Responsibilies

Azurion Release 1.2 Ins

trucons for Use 266 Philips Healthcare 4522 203 52421

Related product manuals