Now Available: Final Version NIST SP 1800-30, Securing Telehealth Remote Patient Monitoring Ecosystem

NIST

View As Web Page

Telehealth Landscape

National Cybersecurity Center of Excellence

NCCoE Releases Final Version NIST SP 1800-30, Securing Telehealth Remote Patient Monitoring Ecosystem

The National Cybersecurity Center of Excellence (NCCoE) is pleased to announce the publication of the final version NIST Special Publication 1800-30, Securing Telehealth Remote Patient Monitoring Ecosystem.

What is this guide about?

Increasingly, healthcare delivery organizations (HDOs) incorporate telehealth and remote patient monitoring (RPM) as part of a patient’s care regimen. RPM systems may offer convenience and may be cost effective for patients and HDOs, which promotes increased adoption rates. Without adequate privacy and cybersecurity measures, however, unauthorized individuals may expose sensitive data or disrupt patient monitoring services.

The NCCoE collaborated with healthcare, technology, and telehealth partners to develop a reference architecture that demonstrates how HDOs may use standards-based approaches and commercially available cybersecurity technologies to implement privacy and cybersecurity controls, thereby enhancing the resiliency of their telehealth RPM ecosystem. This practice guide’s capabilities include helping organizations assure the confidentiality, integrity, and availability of an RPM solution.

This practice guide can help your organization:

  • Identify cybersecurity risks associated with the solution architecture
  • Apply the NIST Privacy Framework to broaden understanding of privacy risks
  • Assure that HDOs partner with appropriate telehealth platform providers to extend cybersecurity and privacy control deployment, management, and efficacy
  • Consider future technologies that augment data communications safeguards

This guide also includes guidance from NIST’s Cybersecurity for the Internet of Things program on device cybersecurity capabilities and nontechnical supporting capabilities that can assist in securely deploying and configuring an RPM ecosystem.

Let us know what you think!

Questions? Email us at hit_nccoe@nist.gov with your feedback and let us know if you would like to join the healthcare community of interest. We recognize that technical solutions alone will not fully enable the benefits of our solution, so we encourage organizations to share lessons learned and best practices for transforming the process associated with implementing this guide.

 

NIST Cybersecurity and Privacy Program
NIST Applied Cybersecurity Division (ACD)
National Cybersecurity Center of Excellence (NCCoE)
Questions/Comments about this notice: hit_nccoe@nist.gov 
NCCoE Website questions: nccoe@nist.gov