DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Securing Picture Archiving and Communication System (PACS) Cybersecurity for the Healthcare Sector:

Posted on December 21, 2020 by Dissent

NIST SP 1800-24

OCR is sharing the National Cybersecurity Center of Excellence’s (NCCoE) at the National Institute for Standards and Technology (NIST) SP 1800-24, Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector.  This practice guide can help HIPAA covered entities and their business associates implement current cybersecurity standards and best practices to reduce their cybersecurity risk, while maintaining the performance and usability of PACS:

NIST CYBERSECURITY and PRIVACY PROGRAM

Securing Picture Archiving and Communication System (PACS)—Cybersecurity for the Healthcare Sector: NIST SP 1800-24

A new NIST Cybersecurity Practice Guide, NIST SP 1800-24, is now available: Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector.

Medical imaging plays an important role in diagnosing and treating patients. The system that that manages medical images is known as the Picture Archiving Communications System (PACS) and is nearly ubiquitous in healthcare environments. PACS fits within a highly complex healthcare delivery organization (HDO) environment that involves interfacing with a range of interconnected systems. This complexity may result in cybersecurity risks that could potentially compromise the confidentiality, integrity, and availability of the PACS ecosystem.

The National Cybersecurity Center of Excellence (NCCoE) at NIST analyzed risk factors regarding the PACS ecosystem by using a risk assessment based on the NIST Cybersecurity Framework and other relevant standards. The NCCoE developed an example implementation that demonstrates how HDOs can use standards-based, commercially available cybersecurity technologies to better protect the PACS ecosystem.

The NCCoE’s practice guide NIST SP 1800-24, Securing Picture Archiving and Communication System, will help HDOs implement current cybersecurity standards and best practices to reduce their cybersecurity risk, while maintaining the performance and usability of PACS.

The final practice guide, which in addition to incorporating feedback from the public and other stakeholders, builds on the draft guide by adding remote storage capabilities into the PACS architecture. This effort offers a more comprehensive security solution that more closely mirrors real-world HDO networking environments.

Publication details:
https://csrc.nist.gov/publications/detail/sp/1800-24/final

NCCoE PACS homepage:
https://www.nccoe.nist.gov/projects/use-cases/health-it/pacs

READ NOW.

Source: NIST

Related posts:

  • PR: NIST Establishes National Cybersecurity Center of Excellence
  • HHS warns entities; patients file potential class action lawsuit over PACS breach
  • Senator Warner wants to know what HHS OCR did in response to massive leak of patient medical images by organizations
  • Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1
Category: Breach IncidentsCommentaries and AnalysesU.S.

Post navigation

← Breach alerts dismissed as junk? New guide for sending vital emails may help
Microsoft identifies second hacking group affecting SolarWinds software →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people
  • Terrible tales of opsec oversights: How cybercrooks get themselves caught
  • International Criminal Court hit with cyber attack during NATO summit
  • Pembroke Regional Hospital reported canceling appointments due to service delays from “an incident”
  • Iran-linked hackers threaten to release emails allegedly stolen from Trump associates
  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.