Over One Million Patient Visits Rely on Safe Medical Devices

With more 30 community and school-based clinics, this hospital system provided care for over one million patient visits a year. Part of this care involved over half a million radiology exams, over 20,000 surgeries and over 200,000 emergency visits.

The sheer scale of this system relied on over 15,000 medical devices about half of which were network connected and included infusion pumps, X-ray machines and MRI and CT scan equipment. Any interruption in the availability or accessibility for these devices could have serious impacts on patient care and healthcare outcomes.

The network-connected devices enabled the healthcare teams to share health monitoring data and the clinical engineering team to perform remote maintenance.

With network connectivity came increased risk to the safety, availability, and accessibility of these devices. If unauthorized persons exploited vulnerabilities in device software or settings, they could disrupt the operation of the device or steal sensitive patient data.

This healthcare provider wanted to make sure their medical devices were secure, and any issues quickly addressed.

Originally, the healthcare technology management (HTM) team had two separate device inventories. Neither of which was interfaced with each other.

They recognized the need for a single device inventory so they could track all devices for their full lifecycle in a consistent way, with common data fields. So, they implemented Nuvolo’s maintenance solution. With this solution there was detailed information captured about device owners, device make and model, software version and device locations. Nuvolo’s solution ensured unregistered devices added to the network, outside of the intake process, were identified early on.

They quickly understood that to ensure their devices were safe, accessible, and available, they needed to add cyber security specific features such as device discovery, monitoring, bi-directional data integration, and security risk scoring integrated with this single inventory. Just having an interface between an inventory and monitoring was not enough. That approach would provide useful information, increasing the accuracy of device information, and would allow the HTM to make basic decisions such as determining if a security event was targeting a specific device.
What was needed was a fully integrated inventory, device monitoring and automated orchestration workflows to accurately share data across teams in a manner that can align processes and remediation. With this, they would gain the security context needed to collaborate with others to make intelligent decisions and reduce risk.

So, they turned to Nuvolo OT Security to correlate security events across devices and automate orchestration with the Nuvolo work order management system to help them perform more efficient mitigation on alerts and vulnerabilities.

Our security event correlation minimized the overhead of having to analyze, match, contextualize events across multiple inputs such as NIST (NVD, CPE), MITRE (CWE) and OT Cyber Security monitoring partners. This correlation helped them prioritize and remediate vulnerabilities and security incidents faster by not having to manually decipher and match numerous data sources

The final piece to complete their device security solution was critical. They needed to make sure that they had an automated process to create work orders against security event records, creating a shared dashboard view for the HTM and security operations center (SOC) teams in the process. To do this, Nuvolo OT Security leveraged the healthcare provider’s existing Nuvolo work order management system as a common platform between IT Security and HTM teams, which facilitated the communication and coordination.

Nuvolo OT Security certified integration with their device monitoring tool and work order management system, helped the healthcare provider to orchestrate rapid remediation of device security issues.

Learn more about Nuvolo OT Cyber Security by viewing a product walkthrough here https://www.nuvolo.com/product-walkthrough/