Paper from IoT Working Group highlights the importance of not treating medical device incident response as a one-size-fits-all

SEATTLE–(BUSINESS WIRE)–The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released the CSA Medical Device Incident Response Playbook, which establishes a framework to ensure that cybersecurity not only protects critical healthcare systems and data but does so without negatively impacting patient safety.

Aimed at healthcare delivery organizations’ (HDO) cybersecurity staff and clinical leadership, as well as medical device manufacturers and related service providers who play a role in supporting HDO incident response processes, the paper highlights the importance of not treating medical device incident response as a one-size-fits-all process and of incorporating a tiered approach that takes risks to patient safety into consideration.

Written by the CSA Internet of Things (IoT) Working Group, the paper provides a way for healthcare delivery organizations (HDOs) to initiate conversations on how to incorporate clinical risks into security processes. It also lays out a roadmap for responding to cybersecurity incidents that impact medical or patient care devices in a way that takes into account the clinical risks associated with disconnecting the device from the patient and/or the network.

“Medical devices play an integral role in patient care. There are scenarios where medical devices must remain available to continue treatment even after being compromised,” said Brian Russell, co-chair of the IoT Working Group and one of the paper’s authors. “Hospitals must design their systems to be resilient, and an incident response plan that takes clinical aspects into consideration is a foundational element for resilient health delivery operations.”

“This playbook takes the clinical aspects of medical device operations into account,” said Christopher Frenz, co-author of the paper. “The paper identifies seven distinct incident response classifications based on impact to the patient and/or hospital operations. These seven classifications each include distinct handling instructions designed to minimize the impact to patient care.”

The CSA Internet of Things (IoT) Working Group focuses on understanding the relevant use cases for IoT deployments and defining actionable guidance for security practitioners to secure their implementations. Those interested in participating in future research and initiatives involving the IoT are invited to join the working group.

Download the CSA Medical Device Incident Response Playbook now.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at, and follow us on Twitter @cloudsa.


Kari Walker for the CSA
