patient centric cyber monitoring with docbox and evolver
TRANSCRIPT
Patient Centric Cyber Monitoring
Tracy Rausch, CCE, CEO and Founder, DocBox, Newton, [email protected]
Chip Block, Vice President, Evolver, Inc., Reston, [email protected]
THREE TYPES OF DEVICES
Devices with software on a general computing platform (Spirometers, Sleep Study, Devices as Software)
Stationary devices on proprietary platform (MRI, CT, X-Ray)
Medical devices with embedded software (Infusion Pumps, Ventilators, Multiparameter Monitors)
WHY IS DEVICE SECURITY DIFFERENT?
Traditional Enterprise Cyber Security:
Highly dynamic functionality
Continuous software, information and communication changes
User/computer centric
Security systems are primarily network/perimeter focused
Medical Device Cyber Security:
Highly static functionality
Legacy, seldom changing software code
Patient centric
Security paradigm still being developed
ENTERPRISE CYBER SECURITY
[Diagram labels: User/Machine (passwords), Server Authentication, Data Access]
Primary focus is on which user accessed which application to get which data
Malware / Anti-virus focuses on finding vulnerabilities that can be used for widespread attack
Major concern is on large scale infiltration and exploitation
The possible outcomes of the attack are numerous based on the devices on the network and available data
Reporting is on network device and user
The primary question is what machines are affected and what data is at risk?
MEDICAL DEVICE SECURITY
[Diagram labels: Patient, Outcome, Devices Impacted]
Primary focus is on which patients may be affected by the attack
The outcomes are limited as the device only does a limited number of functions
Reporting is on which patients have been impacted and recovery
Patient safety and security are interlinked
The primary question is what is the impact on the patients?
MEDICAL DEVICE CYBER SECURITY APPROACH
Leverage the unique characteristics of medical devices for security
Leverage static nature of device to gain greater security
Develop patient centric security operations approach
Support both existing device security and work with FDA and other standards groups for increased security in new devices
Utilize Integrated Clinical Environment (ICE) Architecture
WHAT IS “ICE”?
1. ICE = Integrated Clinical Environment
2. It is a vision that integration of medical and non-medical devices, data, and HIT in patient care environments can enable improvements in healthcare quality and safety that have been elusive until now
3. ICE is a published standard – ASTM F2761-09
4. ICE capabilities are being developed by academic and industry collaborators, seeded by substantial federal and private funding. See www.openice.info and mdpnp.org
5. ICE is a platform to enable the Medical Internet of Things
6. The ICE Alliance seeks to promote all of the above to deliver safe, secure, interoperable clinical environments
FUNCTIONAL ELEMENTS OF THE INTEGRATED CLINICAL ENVIRONMENT
ASTM standard F2761-2009, published January 2010
[Diagram labels: Integrated Clinical Environment (ICE), ICE Supervisor, Network Controller, Data Logger, External Interface, ICE Interface, Medical Device, Other Equipment, Clinician, Patient]
[Diagram labels: Data Warehouse, ICE Systems Apps, Clinical Documentation App, CDS App 1 to CDS App n, MD 1 to MD n, ICE Manager, ICE Coordinator, Enterprise ICE Systems Apps, EMR, ADT, Other]
MEDICAL IOT ARCHITECTURE
[Diagram labels: Remote Monitoring, ICE Data Bus, ICE Coordinator Data Bus, Single Patient DB and App, Multiple Patient DB, ICE System App, ICE Clinical App, Medical Device (MD), Hospital IT systems, Interface]
SCALABLE ARCHITECTURE
Apps
1…n patients
1 patient per ICE
0…24 devices/sensors or therapeutic devices
ICE Coordinator
Data Cluster (HADOOP)
1 Coordinator per 250 beds
Hospital: EMR, LAB, Pharmacy, ADT, Other
ICE System Network Across Hospital Network
ICE Domain
Hardware for ICE Manager Changes by Environment
TECHNOLOGY
Repurposed Technology for Healthcare
DDS (Standard Communication Protocol)
Mature Standard
Used in Military, Internet of Things, Energy, Public Works.
Platform to Build Clinical Apps
Environmentally Agnostic (change hardware to match intended use and environment)
SECURITY AND SAFETY
Traditional Security Approaches for IT will not meet the unique needs of the clinical environment.
Security is required for patient safety.
Security can’t impact patient safety or functionality of medical devices.
Implementation of security must be evaluated for patient safety risks.
ICE SECURITY ARCHITECTURE
ICE Coordinator: Role-based Login; Firewall; Anti-Virus / Anti-Malware; Coordinator whitelists each Manager & External Systems
ICE Manager: Manager whitelists Coordinator; Role-Based Login; Anti-Virus / Anti-Malware; Device Authentication
Coordinator Data Bus
ICE Data Bus
External Systems
Comm Interface (Driver): Communication “Process Whitelist”
Physical Security: Hospital Data Center
Data-Level Security (DDS)
Data-Level Transport Security (DDS)
Medical Device (Legacy)
Medical Device (ICE Compliant): “Process Whitelist”
App Whitelist; Process Whitelist; Utilize Roles of Manager
Patient
SECURITY AND PRIVACY
Defense in layers approach for ICE components and devices
Process Whitelisting of Devices and Apps
Unique Login and Password for Clinicians.
Separate Devices Physically from Hospital Network (but not data).
Virus and malware protection on Server and Coordinator; consider traditional medical devices similar to IoT sensors
Implement DDS Security encryption and secure individual data points at the levels required (not a one-size solution for all data values or data paths).
Blackbox recording of data at bedside similar to aviation.
Encrypt all communications with PHI; use ICE patient session ID on devices, not PHI on roaming devices.
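An added example (not from the original slides) of the patient-centric reporting and process whitelisting described above: process observations from devices are checked against a static allowlist, and violations are reported per ICE patient session ID rather than per device or by PHI. The device names, session IDs, process names and data layout are assumptions constructed for illustration.

```python
# Added example: every identifier and data value here is constructed.
from collections import defaultdict

# Static per-device-type process allowlist (assumed format).
PROCESS_ALLOWLIST = {
    "infusion_pump": {"pumpd", "ice_comm"},
    "ventilator": {"ventctl", "ice_comm"},
}

# ICE patient session ID -> attached (device_id, device_type). No PHI.
SESSIONS = {
    "ice-session-7f3a": [("pump-01", "infusion_pump"), ("vent-02", "ventilator")],
    "ice-session-91bc": [("pump-05", "infusion_pump")],
}

# Constructed process observations: (device_id, process_name).
OBSERVED = [
    ("pump-01", "pumpd"),
    ("pump-01", "ice_comm"),
    ("vent-02", "ventctl"),
    ("vent-02", "telnetd"),   # not on the ventilator allowlist
    ("pump-05", "pumpd"),
    ("pump-09", "pumpd"),     # device not attached to any session
]


def patient_impact(observed, sessions, allowlist):
    """Return {session_id: [(device_id, process), ...]} for allowlist violations."""
    device_index = {
        dev_id: (sid, dev_type)
        for sid, devices in sessions.items()
        for dev_id, dev_type in devices
    }
    report = defaultdict(list)
    for dev_id, process in observed:
        if dev_id not in device_index:
            # Unknown device on the bus: flag it, but it maps to no patient.
            report["unassigned"].append((dev_id, process))
            continue
        sid, dev_type = device_index[dev_id]
        if process not in allowlist.get(dev_type, set()):
            report[sid].append((dev_id, process))
    return dict(report)


if __name__ == "__main__":
    for sid, findings in patient_impact(OBSERVED, SESSIONS, PROCESS_ALLOWLIST).items():
        print(sid, findings)
```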
Note: The ICE Alliance is hosted by the IEEE-ISTO
The ICE Alliance is a non-profit program committed to establishing healthcare environments that are safe, secure, and interoperable
www.icealliance.org
WHAT WILL THE ICE ALLIANCE DELIVER?
Many Deliverables are already in progress through MD PnP Program + Collaborators
Medical and Health IT equipment procurement language for use by healthcare delivery organizations (MD FIRE http://mdpnp.org/mdfire.php )
Clinical Needs Assessment and Descriptions – by HDOs
System Requirements Specifications – elaborated by MD PnP program
Use Case and Clinical Scenario Library – maintained by MD PnP
ICE reference implementations, including safety and security requirements, and test tools – Started by MD PnP, see http://www.openice.info
Feedback to Standards Development Organizations (SDOs) to help standards conform to ICE requirements – currently performed by MD PnP
Regulatory science analysis related to submission http://mdpnp.org/MD_PnP_Program___MDISWG.html interoperable medical devices and systems (FDA Pre-submission bit.ly/mdiswg )
Elaboration of requirements for EMR inclusion of device data
MEMBERSHIP IN THE ICE ALLIANCE
The IEEE-ISTO manages the IA
Membership is free to individuals, non-profit organizations and federal agencies
For-profit organizational membership ranges from $1000 to $10,000 annually
Seed funding has been provided by HDOs, Manufacturers, and medical societies. Contributions are welcome.
Specific projects are funded separately from annual membership
Questions may be directed to [email protected]
NOTE – NOT ALL PENDING MEMBERS ARE SHOWN
ICE ALLIANCE FOUNDING MEMBERS*
Founding Members
Liaison Members
*As of 7/25/15
Additional founding memberships in process
CONCLUSION
Turn the security monitoring question upside down: patient focused, not device focused, monitoring
Leverage unique features of devices to gain security
Utilize Integrated Clinical Environment architecture to gain security through separation of devices and network