Over 40 Florida Auctions End Tomorrow 09/28 - Bid Now
Over 2250 Total Lots Up For Auction at Four Locations - OK 09/29, NJ Cleansweep 09/30, CA 10/01, NJ 10/05

MITA statement on HHS report on health delivery organizations' cybersecurity vulnerabilities through PACS

Press releases may be edited for formatting or style | July 15, 2021 Cyber Security Health IT
Washington, D.C. The Medical Imaging & Technology Alliance (MITA) – the leading trade association representing the manufacturers of medical imaging equipment, radiopharmaceuticals, contrast media, and focused ultrasound therapeutic devices – issued the following statement today in response to the U.S. Department of Health and Human Services' (HHS) report regarding health delivery organizations' (HDO) unsecured picture archiving and communication systems (PACS). MITA is the Secretariat for the Digital Imaging and Communications in Medicine (DICOM®), the international Standard to transmit, store, retrieve, print, process, and display medical imaging information.

"It's important that all health delivery organizations take the necessary steps to mitigate exposure to cybersecurity threats," said Patrick Hope, MITA executive director. "We encourage them to evaluate the security documentation provided with their PACS system—such as the Manufacturer Disclosure Statement for Medical Device Security (MDS2)—to determine how best to deploy their equipment in a safe and secure way. PACS systems are just one component that should be considered within an overall organizational cybersecurity strategy."

The MDS2 supports security risk management within healthcare delivery organizations by providing standardized information on security control features integrated within medical devices. Manufacturers provide MDS2 on their product at the time of sale. The blank MDS2 may be found here.

New & Refurbished C-Arm Systems. Call 702.384.0085 Today!

Quest Imaging Solutions provides all major brands of surgical c-arms (new and refurbished) and carries a large inventory for purchase or rent. With over 20 years in the medical equipment business we can help you fulfill your equipment needs

Remote access to PACS systems requires consideration of protections, risk assessment, and mitigation strategies by an HDO. HDO should also take insider threats and the benefits of a zero-trust policy into account when evaluating cybersecurity protections. Finally, programs processing DICOM media files should continue to take precautions such as scanning the files with anti-virus software and not assuming they are safe. Import systems should disable file execution when reading CDs or DVDs.

An HDO that suspects its PACS systems may be vulnerable should contact their original equipment manufacturer's service department, even if the system has been re-manufactured in the aftermarket. "The original equipment manufacturer is best positioned to evaluate the risks posed by any potential vulnerability and offer validated remediation or mitigations where appropriate," added Hope.


The Medical Imaging & Technology Alliance (MITA), a division of NEMA, is the collective voice of medical imaging equipment manufacturers, innovators, and product developers. It represents companies whose sales comprise more than 90 percent of the global market for advanced medical imaging technology. For more information, visit www.medicalimaging.org. Follow MITA on Twitter @MITAToday.­­­­­

Back to HCB News

You Must Be Logged In To Post A Comment