Cybersecurity for Radiology Informatics: Committed to proactively addressing your security concerns

By Philips ∙ Sep 09, 2024 ∙ 4 min read

White paper

Radiology Informatics

The convergence of healthcare and technology has revolutionized the medical field, offering advanced solutions to improve patient care and reduce costs. However, this progress has also heightened the vulnerability of medical solutions to cyber threats.

 

Philips’ Radiology Informatics’ comprehensive approach to cybersecurity covers the whole spectrum of identify, protect, detect, respond and recover to ensure data confidentiality, integrity and availability.


This white paper explains how:

  • We apply industry standards to protect patient information and use antivirus software and OS patching to protect against malware and malicious access
  • We deliver secure remote service access
  • We guarantee data redundancy for business continuity and disaster recovery
  • We address cybersecurity challenges swiftly and effectively


Product security

Philips Product Security ensures a full lifecycle of product and services security support. This lifecycle begins with assertive acceptance of NIST, ISO, DICOM, IHE and DIACAP (now RMF) as valuable sources of security standards. We also implement the latest guidance based on international laws and employ a defense-in-depth strategy that includes controls spanning application, computing, data and network security. Our Secure Development Lifecycle (SDLC) is integrated in every phase of the product lifecycle. By embedding a culture of “Secure by Design” within our organization, we strive to deliver resilient solutions that meet the evolving security needs of our customers.

Third-party management

 

Philips Vue PACS has implemented a supplier security lifecycle as part of the broader supplier management process. Our proactive approach includes collecting and evaluating suppliers’ security information, defining roles and responsibilities, and maintaining an effective Software Bill of Materials (SBOM) that enables prompt response to vulnerabilities and threats.

Malware and Antivirus

 

Our physical and network security solutions for radiology informatics support industry anti-malware and anti-virus tools and provide formal guidelines for virus scanning exceptions for our software. The updating and operational management of the anti-virus solution and its virus definition file(s) is the responsibility of the customer, who is free to select any antivirus software they wish to run on the medical device.

Patching process

 

The patching process* within the Philips Security Operations Center (SOC) follows best practices tailored to the unique demands of healthcare IT environments. Using automated tools specifically designed for healthcare environments, we prioritize risk mitigation to help ensure seamless integration with our systems and compatibility with regulatory standards. To help reduce the risk of compatibility issues and ensure swift deployment, our patching process emphasizes collaboration among Philips and other vendors to obtain pre-validated patches tailored to our software. Real-time monitoring and reporting enable continuous oversight of patch application and identification of any issues that may arise.

Hardening and data integrity

 

Vue PACS uses a hardening framework based on U.S. Department of Defense requirements, called Security Technical Implementation Guides (STIGs), that lowers the risk of security vulnerabilities. Our solution encrypts data both in transit and at rest. It protects data integrity using multiple methods that overcome non-standard fields or missing data to ensure correct patient identification and archive consistency.

Application-level security

 

To prevent users from reaching restricted information or features that are not available to them, permissions and profiles are checked at login and on any access to a system resource. Role-based access controls limit users while still allowing access to needed information in support of patient care.

 


 

Our approach to privacy and data protection is based on:

 

  • Security
  • Compliance
  • Beneficiality

Philips secure remote service access

 

We are committed to protecting healthcare organizations’ local networks, on-premises healthcare devices and data against unauthorized access while also providing the convenience and time-savings of remote service of healthcare devices. Philips secure remote service access (SRSA) provides secure access over the internet via a fully encrypted, point-to-point virtual private network (VPN). SRSA provides four levels of security:

 

  1. Two-factor authentication to Philips VPN
  2. Two-factor authentication to SRSA
  3. Role-based access and least-privilege principle
  4. Authentication on the device

Business continuity and disaster recovery

 

Business continuity and disaster recovery are essential for safeguarding healthcare organizations against cyberattacks by enabling swift response and recovery in the event of a security breach. These measures ensure the uninterrupted delivery of critical healthcare services and the protection of sensitive patient data, bolster resilience and minimize the impact of cyber threats on patient care and organizational integrity. Philips PACS solutions are designed to guarantee different levels of redundancy in every project in accordance with the requirements expressed by the customer. We take a collaborative approach that considers infrastructure and processes in place at our customers’ sites. 

 

The default plan includes both full and incremental backup. We also recommend copying the database backup daily to external media. In addition, we offer standard configurations for business continuity provided via a fully replicated infrastructure, which can operate your full production load at any time. In the event of primary system failure, load balancers can route traffic to the secondary system.

Philips HealthSuite Imaging Data Protection**

 

This Philips data protection offering is a cloud-based service that secures medical imaging data and PACS file systems, leveraging Amazon Web Services (AWS) technology, including encryption in transit and at rest and compliance with over 50 global standards. This robust protection minimizes the risk of ransomware attacks, ensuring that your critical medical imaging data remains secure and accessible to allow healthcare organizations to maintain uninterrupted patient care.

Logs and audit trails

 

We provide detailed, IHE ATNA-compliant logs and audit trails, which play a pivotal role in threat detection and security incident response by providing a detailed chronicle of system activities and events. This allows the detection of security incidents, investigation of suspicious events, compliance with regulatory requirements and analysis of historical data to improve security posture and response strategies.

Responding to cybersecurity threats

 

The 24/7 Philips Security Operations Center (SOC)* is dedicated to delivering a robust, agile response to cybersecurity threats. We’re committed to safeguarding the integrity and availability of critical assets such as the Vue PACS and Image Management Software while fortifying operational resilience in the face of an ever-evolving threat landscape. Our response includes rapid triage and containment procedures, thorough investigation and analysis and transparent communication.

Download the whitepaper

 

Download the white paper for a detailed explanation of Philips Vue PACS robust security measures and our unwavering dedication to protecting patient data and ensuring the integrity of healthcare radiology systems.


Disclaimer
 

*Availability restricted to some geographical areas.

**The use of cloud services can be subject to local laws and regulations. HealthSuite Imaging may not be available in all regions. Please consult your local Philips representative for more details.
