Cloud 101CircleEventsBlog

Download Publication

Managing the Risk for Medical Devices Connected to the Cloud
Managing the Risk for Medical Devices Connected to the Cloud

Managing the Risk for Medical Devices Connected to the Cloud

Release Date: 03/16/2020

With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in the past. The new breed of connected medical devices brings the promise of improved patient care, better clinical data, improved efficiency, and reduced costs; however, they also bring increased security risks. The goal of this paper is to present the concept of managing medical devices based on their proximity to the patient and introduce practices to secure the use of cloud computing for medical devices.


  • Medical device security lifecycle
    • Pre and post purchase deployment
    • Network
    • Web application interface
    • Wireless communications
    • Secure communications channels
  • Deployment/operations management based on degrees of separation from the patient
  • Decommission/Disposal
  • Recommendations and further reading
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources
An Agile Data Doctrine for a Secure Data Lake
An Agile Data Doctrine for a Secure Data Lake
Healthcare Interoperability
Healthcare Interoperability
Third-Party Vendor Risk Management in Healthcare
Third-Party Vendor Risk Management in Healthcare
Why Healthcare Organizations Are Slower to Adopt Cloud Services
Why Healthcare Organizations Are Slower to Adopt Cloud Services
Published: 09/25/2023
Safeguarding the Healthcare Industry: Effective Measures to Prevent Ransomware Attacks
Safeguarding the Healthcare Industry: Effective Measures to Prevent...
Published: 09/25/2023
IoT Security and the Infinite Game
IoT Security and the Infinite Game
Published: 09/19/2023
Digital Trust for Connected Medical Devices
Digital Trust for Connected Medical Devices
Published: 09/18/2023

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control, and Compliance Professional

Michael Roza

Risk, Audit, Control, and Compliance Professional

Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Ke...

Read more

Shamun Mahmud
Shamun Mahmud
Senior Research Analyst, CSA

Shamun Mahmud

Senior Research Analyst, CSA

This person does not have a biography listed with CSA.

Vincent Campitelli
Vincent Campitelli

Vincent Campitelli

After retiring from McKesson Corporation in 2016, Vince joined the Office of the President within the Cloud Security Alliance (CSA). Serving as an Enterprise Security Specialist, Vince supports the vast membership base of CSA in consuming and leveraging the numerous services, tools and expanding scope of research devoted to Cloud Computing. With his background in both the healthcare and financial service industries, Vince actively works wit...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training