DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Securing Picture Archiving and Communication System (PACS) Cybersecurity for the Healthcare Sector:

Posted on December 21, 2020 by Dissent

NIST SP 1800-24

OCR is sharing the National Cybersecurity Center of Excellence’s (NCCoE) at the National Institute for Standards and Technology (NIST) SP 1800-24, Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector.  This practice guide can help HIPAA covered entities and their business associates implement current cybersecurity standards and best practices to reduce their cybersecurity risk, while maintaining the performance and usability of PACS:

NIST CYBERSECURITY and PRIVACY PROGRAM

Securing Picture Archiving and Communication System (PACS)—Cybersecurity for the Healthcare Sector: NIST SP 1800-24

A new NIST Cybersecurity Practice Guide, NIST SP 1800-24, is now available: Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector.

Medical imaging plays an important role in diagnosing and treating patients. The system that that manages medical images is known as the Picture Archiving Communications System (PACS) and is nearly ubiquitous in healthcare environments. PACS fits within a highly complex healthcare delivery organization (HDO) environment that involves interfacing with a range of interconnected systems. This complexity may result in cybersecurity risks that could potentially compromise the confidentiality, integrity, and availability of the PACS ecosystem.

The National Cybersecurity Center of Excellence (NCCoE) at NIST analyzed risk factors regarding the PACS ecosystem by using a risk assessment based on the NIST Cybersecurity Framework and other relevant standards. The NCCoE developed an example implementation that demonstrates how HDOs can use standards-based, commercially available cybersecurity technologies to better protect the PACS ecosystem.

The NCCoE’s practice guide NIST SP 1800-24, Securing Picture Archiving and Communication System, will help HDOs implement current cybersecurity standards and best practices to reduce their cybersecurity risk, while maintaining the performance and usability of PACS.

The final practice guide, which in addition to incorporating feedback from the public and other stakeholders, builds on the draft guide by adding remote storage capabilities into the PACS architecture. This effort offers a more comprehensive security solution that more closely mirrors real-world HDO networking environments.

Publication details:
https://csrc.nist.gov/publications/detail/sp/1800-24/final

NCCoE PACS homepage:
https://www.nccoe.nist.gov/projects/use-cases/health-it/pacs

READ NOW.

Source: NIST

Related posts:

  • PR: NIST Establishes National Cybersecurity Center of Excellence
  • HHS warns entities; patients file potential class action lawsuit over PACS breach
  • Senator Warner wants to know what HHS OCR did in response to massive leak of patient medical images by organizations
  • Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1
Category: Breach IncidentsCommentaries and AnalysesU.S.

Post navigation

← Breach alerts dismissed as junk? New guide for sending vital emails may help
Microsoft identifies second hacking group affecting SolarWinds software →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.