NIST Collaboration

Working to better secure medical imaging infrastructures

Hyland Healthcare is working with the National Institute of Standards and Technology (NIST) in the National Cybersecurity Center of Excellence (NCCoE) Securing PACS Cybersecurity for the Healthcare Sector Use Case Consortium to develop practical, interoperable cybersecurity approaches that address the real-world needs of complex Information Technology (IT) systems. 

As part of this effort, Hyland Healthcare collaborated with these organizations and fellow technology vendors including Cisco, Clearwater Compliance, DigiCert, Forescout, Philips Healthcare, Symantec, TDi Technologies, Tempered Networks, Tripwire, Virta Labs and Zingbox to develop a draft practice guide NIST Special Publication 1800-24, Securing Picture Archiving and Communication System. 

This practice guide aims to help healthcare organizations reduce the risk of malicious actors compromising the confidentiality, integrity and availability of the PACS ecosystem. Standards and best practices were used to deploy strong authentication solutions that use open and scalable standards. The guide also maps capabilities to NIST guidance and control families, including the NIST Cybersecurity Framework.

This practice guide demonstrates how commercially available technologies, like Hyland Healthcare’s enterprise imaging solutions including Acuo VNA, NilRead universal viewer and PACSgear image connectivity suite can be integrated with existing tools to facilitate secure capture and access to a variety of medical imaging formats enterprise-wide. 

By accelerating dissemination and use of these integrated tools and technologies for protecting IT assets, the NCCoE will enhance trust in U.S. IT communications, data, and storage systems; reduce risk for companies and individuals using IT systems; and encourage development of innovative, job-creating cybersecurity products and services.

We believe the guide addresses a critical cybersecurity and economic need. Please download the practice guide and share your thoughts with the NCCoE on how to strengthen it. The public comment period closes on November 18, 2019.

*NIST does not evaluate commercial products under this Consortium and does not endorse any product or service used. Additional information on this Consortium can be found at: http://www.nccoe.nist.gov/pacs
.