Clearing Medical Device Cybersecurity Requirements From DoD Delivers Even More Safety Assurance for Customers
ROCHESTER, N.Y., July 23 — Carestream Health’s ImageView software has received the Risk Management Framework Authority to Operate from the Department of Defense, paving the way for streamlined installations for defense customers. Defense Health Agency (DHA) Cybersecurity Logistics (CyberLog), part of DHA’s Medical Logistics (MEDLOG) Directorate, is widely considered to have extremely rigorous cybersecurity requirements.
The Authority to Operate (ATO) process took only six months to complete, a rare occurrence given heightened cybersecurity efforts across the globe. With the ATO in place, Carestream’s cyber team has received accreditation for CARESTREAM ImageView Software v.1 in the Department of Defense (DoD), with plans to support Veteran Affairs in the future. A productive collaboration between Carestream’s Cyber, Information Technology and Governmental Solutions teams along with DoD authorities led to a successful ATO process.
“Carestream has a long-standing history of dedication to cybersecurity, for both our commercial and government customers globally,” said Garrett Huntley, Director of Government Solutions at Carestream. “Maintaining our ATO status and partnership with the Department of Defense and the Defense Health Agency through a rigorous Continuous Monitoring program is a top priority for Carestream. We are very proud to help provide our nation’s service men and women with the very best clinical care through the use of our innovative imaging technology.”
Clinical acquisition software designed to support advanced applications, the ImageView platform enables healthcare systems and hospitals to enhance productivity and patient care while supporting Carestream’s state-of-the-art image processing systems.
ImageView software is available with Carestream’s DRX-Evolution Plus System, DRX-Revolution Mobile X-ray System, DRX-Transportable System/Lite as well as the OnSight 3D Extremity Imaging System.
“We’re learning more and more about the changing cybersecurity needs and challenges organizations face as they quickly evolve. We strive to be very proactive in our approach to this and we have a team of experts focused on protecting the valuable information resources of our customers,” said Kendall Ryerson, Vice President of Corporate & Government Accounts at Carestream.
The ATO will allow Department of Defense customers to purchase Carestream products and connect the imaging systems to the DoD network immediately, reducing the time for approvals to purchase and install. Carestream’s ability to meet the ATO requirements also bodes well for its customers worldwide, providing additional confidence that the company’s imaging systems can be safely integrated into their own environments.
“The improvements we have made to comply with DoD implementation guidelines are now the default configuration for customers, allowing our products to meet and exceed product security and privacy considerations for Carestream customers,” added Michael LaLena, Chief Information Security Officer, Imaging Systems at Carestream.