Steve Merritt kicked things off today with a presentation titled, Integrating Medical Devices into the IT Infrastructure: Pitfalls and Recommendations. Steve provided a fantastic overview of their experience at Baystate Health in Springfield, MA. Steve started with the regulatory definition of a medical device:
A medical device is an instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including a component part, or accessory which is: …intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, reatment, or prevention of disease, in man or other animals…
He noted that the medical device connectivity market has changed dramatically in the past 5 years – with the advent of “smart” pumps and WiFi adoption, for example. They have a pretty extensive background in this topic, with the following past projects:
- Central fetal monitoring system and Labor and
- Delivery Decision Support (1998)
- EKG (1998)
- PACS (1998)
- Endoscopy (1999)
- Radiation oncology record and verify (1998)
- Patient Monitoring networks
- EEG and video monitoring (2001)
- INET (ongoing vital signs/EMR integration project) (2005)
- Stress testing (treadmill and vitals) (2006)
- Simulation Lab (2007 and beyond) – partnering with Vendors to provide tomorrow’s technology today
Steve described the Nachi/Welchia worm that hit the net on August 13, 2003 as a wake up call for their hospital. The worm had a catastrophic impact on the hospitals networks, especially medical devices running Windows 2000/XP. Any unprotected devices were infected – none of their medical devices were protected. There was a 2 day network outage and it took weeks to recover and get all their medical devices back online.
Many changes were made as a result of the Nachi/Welchia worm. The formed partnerships with device manufacturers to architect solutions to this problem. Siemens and Baystate Health teamed up to design an acceptable antivirus solution running on imaging equipment – this took 2 years to negotiate, design, and implement. They also worked with their network architect and implemented a VLAN ACL design to isolate medical devices on the network.
Another key lesson learned from Nachi/Welchia was the need for software virus protection. Baystate got a lot of push back from vendors at first. Ultimately though, no vendor ever provided them with a legitimate reason not to use anti virus (AV) software with active protection. Excuses included: the FDA won’t allow us : WRONG! It harms the patient data: WRONG! I will slow the system down: WRONG! Proper design and implementation of the AV software will prevent any anticipated problem. He recommended that hospitals partner with vendors to find the solution, and noted that you might have to twist some arms along the way. Baystate uses McAfee VirusScan and ePolicy Orchestrator to document and enforce security policies.
Steve went into good details regarding network architectures and management policy. Much of this was similar to the VA’s Medical Device Isolation Architecture Guide.
Numerous important reference documents were mentioned – documents that readers have seen mentioned in this blog. Included in his presentation were the FDAs guidance documents on Off the Shelf Software in Medical Devices, and General Principals of Software Validation. [You should also check out their draft guidance on wireless medical devices.] Also mention was the VA’s recommendations for networking medical devices in their Medical Device Isolation Architecture Guide. Their network security is build mainly on access control lists (ACLs). Architecting a proper ACL is key to protecting medical devices, and is based on the following principles:
- Only allow the bare minimum permission to talk
- Communication with vendors is required to design an appropriate ACL
- Vendors need to start doing a better job documenting ACL requirements
Finally, Steve described the skill sets required of clinical engineers involved in medical device connectivity. He also emphasized the need for rigorous documentation, including: project plans, specifications (requirements) for each component in a system, status updates, and change control.
Questions: Does INET project use an Aware gateway. It’s a VLAN by IT with biomed as first responders to users. Virus protection policies, that includes definition updates specific, are established for each medical device system. The IT department hosts the virus software update sever, but biomedical engineering initiates the push of updates from the server in IT to the target medical devices. They are a Cerner shop and use their IMDB connectivity software to integrate their Philips monitors.