IRVING, Texas--(BUSINESS WIRE)--In June 2017, the U.S. Department of Health and Human Services’ Health Care Industry Cybersecurity Task Force issued a report to Congress stating “Health care cybersecurity is in critical condition.” In an effort to harmonize the work being done in hospitals and by device manufacturers to address medical device vulnerabilities, Vizient has formed the Medical Device Cybersecurity Task Force. The mission of the task force is to provide leadership and facilitate collaboration to minimize the risk and cost of medical device cybersecurity by fostering standard practices for the benefit of the health care industry.
“Vizient is excited to step-up and provide leadership in the area of medical device cybersecurity by facilitating collaboration between key stakeholders for the benefit of the entire industry,” said Ross Carevic, director, technology sourcing operations at Vizient. “The goal is to help reduce cybersecurity risks and the cost of assessing risk. One of the key near-term deliverables is a multi-phase roadmap that will help advance the cybersecurity maturity posture of the entire health care industry.”
The work of the Vizient task force will also serve to augment the recently released Medical Device Action Plan published by the Food and Drug Administration. Carevic added, “We look forward to having the opportunity to leverage our unique position in the marketplace to work collaboratively with our stakeholders to facilitate the public-private collaboration outlined in the Action Plan.”
The Vizient task force includes information security leaders from 25 member health system. It will also engage device manufacturers, suppliers, cybersecurity consultants, government and industry experts. The task force will be assessing the overall maturity level of cybersecurity for medical devices and identify areas to improve. It will also focus on sourcing enhancements, standards, governance and information sharing best practices to reduce exposure to risk.
As an example, the Vizient contract portfolio includes more than 500 contracts with networked devices. The company is working closely with members, suppliers and cybersecurity experts to add additional terms into the contract language as well as modifications to the weightings related to cybersecurity safeguards in the RFP scoring process. This will enhance the cybersecurity of the devices in Vizient’s portfolio for the benefit of patients and providers.
“We are viewing this from an entire industry perspective, not just for Vizient members and suppliers. Wherever possible, we intend to make key deliverables publically available, which will help suppliers and providers prioritize their remediation plans for older medical devices and ensure appropriate safeguards are included in new devices for the benefit of all patients,” said Carevic.
About Vizient, Inc.
Vizient, Inc., the largest member-driven health care performance improvement company in the country, provides innovative data-driven solutions, expertise and collaborative opportunities that lead to improved patient outcomes and lower costs. Vizient’s diverse membership base includes academic medical centers, pediatric facilities, community hospitals, integrated health delivery networks and non-acute health care providers and represents approximately $100 billion in annual purchasing volume. The Vizient brand identity represents the integration of VHA Inc., University HealthSystem Consortium and Novation, which combined in 2015, as well as MedAssets’ Spend and Clinical Resource Management (SCM) segment, including Sg2, which was acquired in 2016. In 2018, Vizient again received a World’s Most Ethical Company designation from the Ethisphere Institute. Vizient’s headquarters are in Irving, Texas, with locations in Chicago and other cities across the United States. Please visit www.vizientinc.com as well as our newsroom, blog, Twitter, LinkedIn and YouTube pages for more information about the company.
