Philips ST80i Instructions For Use Manual page 28

Safety Summary
Security Recommendations
As more patient health information is collected, stored, and transmitted electronically, on a
global basis, the concern for patient privacy grows. We consider the security and
confidentiality of patient data to be of paramount importance. We adhere to the highest
professional standards focused on providing you with resources aimed at your regulatory
compliance needs and allowing you to fully manage the safety, effectiveness, and security
risks of medical devices, including your ST80i System.
Protecting Personal Information
It is essential that policies and procedures for the proper handling of personal or sensitive data,
consider the confidentiality, integrity, and the availability of these types of data. Each
organization using this product must provide the protective means necessary to safeguard
personal information consistent with each country law, code and regulation, and consistent
with the company policies for managing this information. While handling personal
information is outside the scope of this document; in general, each organization is responsible
for identifying:
who has access to personal data and under what conditions an individual has authorization

to use that data
how the data is stored and the conditions by which it is stored

how the data is transmitted and the conditions under which that data is transmitted.

The US Department of Veterans Affairs has developed a widely used Medical Device
Isolation Architecture to minimize the risk of a security breach when medical devices are
connected to information networks. Such perimeter and network defenses are essential
elements in a comprehensive medical device security strategy.
Additional security and privacy information can be found on the Philips product security
website at: http://www.healthcare.philips.com/main/productsecurity/.
About HIPAA Rules
If applicable, your facility's security strategy should include the standards set forth in the
Health Insurance Portability and Accountability Act of 1996 (HIPAA), introduced by the
United States Department of Health and Human Services. You should consider both the
security and the privacy rules and the HITECH Act when designing policies and procedures.
For more information, please visit:http://www.hhs.gov/ocr/privacy/.
Security Controls and Safety Measures
The following controls and safety measures may further strengthen the security and
confidentiality of your patient records and system in general:
Install ST80i in a secure location and use a privacy filter on the ST80i System monitor that

shields the visibility of the screen contents from angled viewing.
In case of a power supply disruption, backup options should be handled by an appropriate

power failover system.
xvi ST80i Stress Test System Instructions for Use