Healthcare operation integrates many networks connected devices critical for its functionality. The use of communication equipment such as answering machines, fax machines, tapes, mobile phones, and routers/hubs; the use of computing equipment such as card devices, monitors, CPUs, magnetic card readers, etc.; the use of critical medical devices such as cardiac monitoring machinery, dialysis equipment and X-ray machines; the use of critical infrastructure such as electric power system, air conditioning, heating, lighting, alternative power systems and their connectivity as a network – all of these devices and functionalities play a central role in the formation and ongoing maintenance of a modern and efficient healthcare system.

In today’s world, physical sabotage as well as cyber penetrations can cause significant damage such as Denial of Service (DOS), causing the malfunction of critical systems vital to patient security and health, even tampering with the output data of critical medical devices.

Soteria offers a complete set of solutions for defending against physical and cyber-attacks that could pose a significant threat to the proper operation of healthcare organizations. The process begins with identifying and separating the automated industrial systems from the IT-based environment, understanding the functionality of industrial and IT systems and their necessity, and implementing protection mechanisms and communication procedures to mitigate probable risks. Soteria will go on to integrate IPS/IDS, Monitoring and Detection, Response, Remediation and Continuity solutions critical for the proper functionality of a healthcare organization.

Healthcare organizations require the commitment to embrace a unique approach towards the monitoring and protecting of sensitive patient information of as well as the securing medical device IoT data and command protocols. The potential impact on human lives that could be caused by attacks on such systems demands 24/7 monitoring and the ongoing improvement of security controls and policies. Soteria establishes centralized security operations to the highest standards as part of our ongoing effort to keep your patients safe.

Complete projects for facility and hospital perimeter safety and security including design, installation and management of fully integrated solutions. The process begins with a comprehensive safety and security survey to ensure system compatibility with standards, regulations and associated risk. Integrated systems include fences, smart barriers and gates, real time vigilance and access control as well as fire control and mitigation.

Sustaining a secure IT/OT environment is critical for healthcare providers who rely on valuable data for their operation (automated medical devices driven by IoT control systems) and maintain highly sensitive patient information (PHI and PI). Organizations must be actively involved in maintaining their information security management system (ISMS), defining clear policies and security requirements according to up-to-date risk and vulnerability assessments and assigning dedicated roles and responsibilities accordingly. The SoteriaREV service provides a professional and comprehensive process to direct organizations towards the implementation of a successful ISMSs and assess the effectiveness of existing security controls and the overall level of defense, outlining critical gaps in the organization’s information security defense in both the IT and IoT environments. The assessments are carried out according to general and industry-specific information security standards and regulations:

• Main data protection and information security standards and regulations: ISO/IEC 27001, NIST 800, GDPR, etc.
• HIPAA: (Health Insurance Portability and Accountability Act) U.S. national security standard designed to protect individuals’ electronic personal health information that is created, received, used, or maintained by a relevant entity. Requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronically protected health information.
• PHIPA: (Personal Health Information Protection Act) Governs the manner in which personal health information (PHI) may be collected, used and disclosed within the healthcare system.
• PIPEDA: (Personal Information Protection and Electronic Documents Act) The federal privacy law for private-sector organizations. Sets out the ground rules for how businesses must handle personal information over the course of commercial activity.
• HITECH: (Health Information Technology for Economic and Clinical Health) Covers the correct adoption of information technology systems in healthcare institutions and the meaningful use of Electronic Health Records (her)..

To conclude the evaluation, Soteria issues practical recommendations and an implementation plan in order to close the gap towards compliance and to meet business goals and mitigate associated risks.

SoteriaEPNP represents a wide arsenal of technology and procedural solutions for endpoint and network protection that is offered to clients in accordance with the completion of thorough security assessments (SoteriaREV) or upon client indication of known security breaches.

Health information disclosed to unauthorized individuals or accessed incorrectly, tampered with, or lost could have devastating impacts on patient privacy, health and safety. Thus, healthcare providers must take the necessary measures to protect the confidentiality, integrity and availability of PHI or PI (e.g. medical records, social security numbers, billing records, etc.). The first step is to properly identify sensitive information of this nature which is a challenge because information systems are very dynamic and new data is constantly created and transferred through various communication channels.

Soteria provides advanced automated solutions for data classification, effectively identifying and recording any file creation and modification instantly and indicating the exact location of sensitive data files in the network and their exposure to different entities and factors within the organization or to external networks, alerting and remediating unauthorized access.

Encryption is vital for information protection because it continues to offer protection even after the information has already been leaked, making the leakage much less significant. Our encryption solutions are configured according to the specific information media (storage systems, communication, databases, applications, virtualized platforms, cloud environments, middleware, etc.) including mechanisms for encryption management and monitoring (such as management of cryptographic keys and digital certificates in various stages).

Restricting, monitoring and indicating the exposure of sensitive data to different entities and the management of physical access to the facility . In so doing, access to the facility and organizational data is monitored and protected.

• Accessing entities are identified and verified unequivocally
• Classification and management of various users (human and applications)
• Ongoing permission management according to the current need of each user

Implementing Data Loss Prevention (DLP) solutions for the automatic identification and management of PHI to prevent accidental leaks or exposure of sensitive data outside authorized channels. This is done using monitoring, filtering, blocking and remediation features covering data exfiltration to unauthorized entities including interfaces with third-party partner systems. This incorporates the monitoring and detection of the corporate network and the information traffic through its boundaries.

Network Intrusion Detection Systems (NIDSs) are placed at strategic points within the network to monitor traffic to and from all devices on the network. They perform an analysis of traffic passing over the entire subnet and match the traffic with a library of known attacks. Once an attack is identified or abnormal behavior is sensed, an alert is sent.

Host Intrusion Detection Systems (HIDSs) run on individual hosts or devices on the network. HIDSs monitor inbound and outbound packets to/from the device and will alert the user or administrator if suspicious activity is detected. It takes a snapshot of existing system files and matches it with the previous snapshot. If the critical system files were modified or deleted, then an alert is sent to the administrator to investigate.