Department of Veterans Affairs Medical Device Isolation Architecture Guide V2.0

The purpose of this document is to provide a standard process for isolating and securing networked medical devices using a protected Virtual Local Area Network (VLAN) structure. This document’s target audience includes VA OI&T Network staff, OI&T Information Security Officers ISO, and Biomedical Engineers.

Read an Excerpt: 

The purpose of this document is to provide a standard process for isolating and securing networked medical devices using a protected Virtual Local Area Network (VLAN) structure.

This document’s target audience includes VA OI&T Network staff, OI&T Information Security Officers ISO, and Biomedical Engineers.

Within this document, a Medical device is defined as any device that meets any of the following requirements:

  1. If it is used in patient healthcare for diagnoses, treatment (therapeutic), monitoring physiological measurements, or for health analytical purposes.
  2. If the device has gone through the FDA’s Premarket Review Process (510K Certification) or,
  3. If it is incorporated as part of a medical device and, if modified, can have a negative impact on the functionality/safety of the main medical device.

Many devices meeting this definition have significant limitations on the application of operating system (OS) patches, and malware protection updates (i.e. virus, spyware and phishing protection). This makes them more vulnerable to malware attacks and serves as an entry point for malware attacks into the VA enterprise network. In addition, it becomes a risk to patient safety and to the protection of patient sensitive information. Therefore, their protection must be maintained at the highest level.

This document presents a six step process for identifying, grouping, and migrating networked medical devices to an isolated VLAN infrastructure. This process includes the following:

  1. Device Identification
  2. Grouping and Segmentation
  3. Identify Communication Requirements
  4. Migration Planning and Coordination
  5. System Migration
  6. Implementing Protection

The information contained in this document can, and should be, applied to other systems, such as temperature monitoring systems, elevator control systems, and HVAC systems; that are connected to the VA network but cannot be patched in accordance with VA patching policy. However, the critical importance associated with getting networked medical devices protected from malware attacks means that the focus of this document needs to be limited to these devices.