The final version of the ONC plan that has the objectives to use health IT to make care safer and to continuously improve the safety of health IT. The document can be viewed here: onc_patient_safety_planRead More
ONC guidance on annual surveillance plans by authorized certification bodies. Authorized Certification Bodies are expected to conduct surveillance on EHRs that they have certified. This guidance provides the priorities for topics to assess in the surveillance plan. Safety-related capabilities and security capabilities are two of the four areas for priority identified in this guidance. onc_surveillance_plan_guidanceRead More
ONC contract with the Joint Commission to investigate health IT-related safety events. The purpose of this contract is to ensure that there is an early detection system on health IT-related safety issues, including those associated with EHRs. The document can be viewed at the following link: ONC_tjc_contractRead More
NIST was directed to prepare a cybersecurity framework for critical infrastructure in Presidential Executive Order 13636. Healthcare was identified as one of the areas with critical infrastructure. This draft for comment is only an outline of the framework. NIST_draft_outline_cybersecurity_frameworkRead More
ICS-CERT is issuing this alert to provide early notice of a report of a hard-coded password vulnerability affecting roughly 300 medical devices across approximately 40 vendors. The document can be viewed at the following link: ICS-CERT_alert_med_devRead More
Schedule Discussion with John F. Murray, Jr.
John is currently providing telephone and face-to-face meetings to discuss: Cybersecurity, Part 11, 483 Response, design controls expectations for software documentation, and other topics.
Leave a message and we will contact you to schedule: