Connectivity and cloud computing technologies have created new opportunities for the delivery of advanced healthcare services by medical institutions. They have also revolutionized the personal health & wellness sector through novel instruments for monitoring and improving an individual's health. As sensitive patient information is exchanged between personal / corporate devices and public / private cloud infrastructures, it becomes increasingly exposed to data theft risks. Moreover, the connected nature of health information systems and smart medical devices, have allowed malicious individuals to disrupt critical operations of healthcare providers. Cyber espionage is also on the rise, with intruders targeting all forms of intellectual property related to medical devices, as found in the information systems of vendors, third party suppliers and lately, medical institutions.
CENSUS provides specialized IT security services for the identification, management and mitigation of cybersecurity risks in healthcare technologies and infrastructures.
Experience
The company has performed IT Security Assessments to a wide range of medical technologies, including pacemakers, defibrillators, cardiac arrest monitors, infusion pumps, MRI & CT scan equipment, medical device gateways, cloud platforms for the exchange of medical information, PACS systems, patient record management software, patient monitoring technologies, physical access controls for clinics and smart medicine cabinets. The assessment services covered all aspects of these medical technologies, from their hardware, software and firmware to their communications and default configuration.
CENSUS has supported the secure development processes of healthcare product vendors by means of Secure SDLC and Staff Augmentation services. Furthermore, through Consulting and Product Security Documentation services, it has helped vendors meet pre-market and post-market cybersecurity compliance requirements.
Finally, CENSUS has performed penetration tests to healthcare organization around the world to help identify cybersecurity issues in their infrastructures and processes.
Services Overview
CENSUS offers the following services to product vendors and healthcare institutions for the identification, management and mitigation of cybersecurity risks:
- Design Level Security Reviews
- Source Code Auditing
- Application Security Testing
- Device Security Testing
- Penetration Testing
- Product Security Documentation (to cover compliance requirements)
- Security Training
- Secure SDLC
- Staff Augmentation
More information about these services can be found in the whitepaper below:
Case Studies
Every now and then CENSUS publishes case studies to highlight the approach and the value of the services provided to certain industries. Case studies from the healthcare sector can be found below: