Healthcare Delivery Organizations

CONSULTING SERVICES

Our Services For Healthcare Delivery Organizations Includes:

Medical Device Cybersecurity Governance

Establishing a cybersecurity governance structure for medical devices is fundamental to a successful medical device cybersecurity strategy. MedSec’s subject matter experts bring decades of experience in the development of governance structures and models, that effectively manage enterprise cybersecurity risk incurred through the purchase and use of medical devices

Medical Device Asset Inventory

You cannot secure what you don’t know you have. The foundation of executing a successful medical device cybersecurity program is knowing what medical devices you have, where they are, what they are doing and do they need cybersecurity attention. MedSec offers both services and solutions to address tackling this unique and fundamental challenge

Medical Device Procurement and Contracting

The cybersecurity life cycle of a medical device starts at the time of purchase. The MedSec team helps health care organizations develop baseline cybersecurity expectations for incoming medical devices, negotiating with vendors on security aspects of purchases, cybersecurity questionnaires to quickly assess if a potential purchase meets the cybersecurity expectations of your organization.

Medical Device Vulnerability Assessment

High-risk medical device systems should be tested for cybersecurity weakness; they could introduce significant risks to patients, network infrastructures, patient care and business operations. Traditional cybersecurity teams don’t understand the unique or nuanced characteristics and requirements of medical devices in patient care environments. The MedSec team specializes in Medical Devices and the unique facets of the industry and environment

Medical Device Cybersecurity Maintenance

Medical device cybersecurity is an ever-ongoing process, just as medical devices need traditional preventative maintenance, they also need cybersecurity maintenance. The MedSec team can assist hospitals in the development of processes and procedures for maintaining the cybersecurity of medical devices

Medical Device Mitigation Strategies

Proper securing and protection of medical devices can pose unique problems, whether it be firewalls, IT tool configuration or network segmentation. MedSec’s team specializes in medical device cybersecurity and can partner with hospital organizations to develop and execute effective medical device mitigation plans for new and legacy devices

Medical Device Training and Education

Education in medical device cybersecurity is imperative to the successful execution of a program. Staff members are empowered and engaged with the process when they understand the situation, the causes, the actors, and the language of cybersecurity. The MedSec team can provide medical device cybersecurity training to spread knowledge to clinical and IT teams

Let’s work together! We want to know more about your needs

Experts in Healthcare Cybersecurity

Meet Some of Our Consultants

Stephanie Domas

10+ years offensive security researcher

Ethical Hacker

Medical device and embedded secure design

Vulnerability & Penetration Testing

Invited speaker at medical device and cybersecurity industry leading events

Chief Product Security Officer – leading the creation of product security programs

Kevin McDonald

40 Years of healthcare experience

Lead the development of Mayo Clinic’s Medical Device Cybersecurity Program

Invited speaker at: FDA, RSNA, HIMSS, H-ISAC, AHA, CHIME, American Bar Association , DMD, Gartner

Security Advisor for top medical device manufacturers, including: Medtronic, Siemens, Varian, Vizient

Member Underwriters Laboratory Health Sciences Council

Co-Lead of the Health Sector Coordinating Council, and Joint Security Plan

Member HIMSS Privacy and Security Committee

Michelle Jump

Global Medical Device Cybersecurity and Software Regulatory Expert

Co-Chair for AAMI SM-WG01-TG01 – Health Software Quality Management, AAMI SM-WG01 Software Committee, Software Transparency SBOM Group and AdvaMed Software Working Group

Primary US Representative – IMDRF Software as a Medical Device Working Group

MDS2 Revision Project and CVSS Rubric Working Group

SO/TC 215 Joint Working Group 7 U.S. Expert for IEC 80001 and IEC 62304

AAMI SM-WG05 Device Security WG

Member AdvaMed Cybersecurity Working Group

Did you know MedSec also makes a medical device asset and vulnerability management tool called MedScan?

Learn More About Our Hospital Solutions

Need our help?

Lets discuss your unique needs and see how MedSec can help

Office Address

429 Lenox Avenue
Suite 415
Miami Beach, FL 33139

Our Telephones

(+1) 305–396–6900

Our Email

[email protected]

Get In Touch

MedSec is exclusively focused on the unique challenge of medical device and healthcare cybersecurity. We’d love to talk to you about your unique challenges and how MedSec can help

Hospital Services