From: The National Law Review
Stuart M. Gerson | Epstein Becker & Green, P.C.
The National Institute of Standards and Technology (“NIST) has announced that it will be seeking industry input on developing “use cases” for its framework of cybersecurity standards related to patient imaging devices. NIST, a component of the Department of Commerce, is the agency assigned to the development and promulgation of policies, guidelines and regulations dealing with cybersecurity standards and best practices. NIST claims that its cybersecurity program promotes innovation and competitiveness by advancing measurement science, standards, and related technology in ways that enhance economic security and quality of life. Its standards and best practices address interoperability, usability and privacy continues to be critical for the nation. NIST’s latest announcement is directed at eventually providing security guidance for the healthcare sector’s most common uses of data, inasmuch as that industry has increasingly come under attack.
The current announcement is reflective of the interest of NIST and the Food & Drug Administration (“FDA”), the primary regulatory agency for medical devices, within the so-called Internet of Things (“IoT”). Thus, NIST, through its National Cybersecurity Center of Excellence, will accept proposals up to June 8, 2018, for “products and technical expertise” relevant to the creation of guidelines for securing data used by Picture Archiving and Communication Systems (“PACS”). NIST will attempt to harmonize the requirements for patient imaging devices with NIST’s overall cybersecurity framework.
Leave a Reply