As part of our commitment to product security and customer service, Philips Healthcare supplies our customers with information to help assess and address the vulnerabilities and risks associated with products that maintain or transmit ePHI.
Specifically, Philips Healthcare is using the Manufacturer Disclosure Statement for Medical Device Security (MDS2) to provide HIPAA-related security information about its products.
The MDS2, a universal reporting form which allows Philips Healthcare to supply its customers with model-specific information, is endorsed by the American College of Clinical Engineering (ACCE), ECRI (formerly the Emergency Care Research Institute), the National Electrical Manufacturers Association (NEMA), and the Healthcare Information and Management Systems Society (HIMSS). To view the HIMSS press release announcing the MDS2, go to: HIMSS News Announcement - Medical Device Security.
The MDS2 contains device security information such as:
Maintaining, storing, and transmitting ePHI
Data back-up and removable media capabilities
Installing security patches and anti-virus software
Remote service access
Audit logs of ePHI access including:
The form also contains security practice recommendations and explanatory notes from the manufacturer as well as detailed instructions, notes, and definitions from HIMSS and NEMA. To view a blank version of the revised MDS2 form, go to: http://www.nema.org/stds/hn1.cfm.
Philips customers can get product MDS2 forms online by clicking here to register and access the MDS2 Security Forms.