Patient Data Security; Requirements On The Operating Environment - AGFA DX-D 300 User Manual

Hide thumbs Also See for DX-D 300:

User manual (104 pages)

User manual (83 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

page of 120

/ 120
Contents
Table of Contents
Bookmarks

Table of Contents

44 | DX-D 300 | Introduction

Patient data security

The user must ensure that the patients' legal requirements are met and that

the security of the patient data is guarded.

The user must define who can access patient data in which situations.

The user must have a strategy available on what to do with patient data in

case of a disaster.

Requirements on the operating environment

These operating environment requirements for information security and

privacy (ISP), set in compliance with point 17(4) and 18(8) of Annex I of the

EU Medical Device Regulation 2017/745, must be implemented and used in

connection with the use of the Agfa medical device by the Customer (User).

These are minimum requirements and designed to protect against

unauthorised access that could hamper the device from functioning as

intended.

Although Agfa has defined these ISP Operating Environment Requirements

for implementation by the Customer, Agfa makes no warranties, expressed or

implied regarding those ISP Operating Environment Requirements.

Agfa disclaims all liability if a security incident would occur despite the

implementation of these ISP Operating Environment Requirements by the

Customer.

Agfa reserves the right to revise these ISP Operating Environment

Requirements and to make changes to them at any time. Possible revisions of

the ISP Operating Environment Requirements will only be available in an

electronic form, on request, via our website, by using the user documentation

request form http://www.agfahealthcare.com/global/en/library/index.jsp.

The information presented herein is sensitive and is company confidential.

Without written authority from Agfa, further distribution outside the

company is not allowed.

• Perimeter firewalls shall be in place and appropriately configured in order

to ensure that communications between medical devices and external

resources are either denied or restricted to just the communications that

are essential for the medical devices to properly function.

• Network Intrusion Detection/Prevention Systems (NIDS/NIPS) shall be in

place at the perimeter and appropriately configured, in order to provide

early warning of an attack attempt or successful compromise of a medical

device as well as to attempt to prevent compromise of medical devices.

• A Network Time Protocol Server shall be configured in the medical devices

in order to synchronize the time in the audit logs with the time on the NTP

server.

0172G EN 20230627 1651

Table of Contents

Patient Data Security; Requirements On The Operating Environment - AGFA DX-D 300 User Manual

Patient data security

Requirements on the operating environment

Related Manuals for AGFA DX-D 300

Related Content for AGFA DX-D 300

Table of Contents