According to a press release from Draeger®, the Veteran’s Administration® is deploying Draeger’s Infinity M300 patient monitors on its Wi-Fi® networks, even though the monitors are not validated for FIPS 140-2. To get around the FIPS 140-2 requirement, the VA issued a waiver for the monitors.
“This decision by the VA to allow use of its wireless network for patient telemetry represents the first such use within the VA hospital environment,” says Rick Sullivan, VP of Government Affairs at Draeger.
Why did VA issue the waiver? Is it because Draeger “is committed to obtaining FIPS 140-2, Level 1 certification for a future” patient monitor? A lot of medical device vendors have a similar commitment but, as we discuss in our white paper on FIPS 140-2, obtaining a FIPS 140-2 validation for a Wi-Fi client device can be very challenging. That’s why no patient monitors are validated!
Perhaps the Draeger monitors do not transmit sensitive information, such as patient identification, across the network. We cannot review the waiver because it is posted only on the VA intranet and not on an external Web site.
View a previous post on FIPS 140-2 security in VA hospitals here.
Want to receive the latest blog posts from Laird? Subscribe Below:
- New 60 Series SOM & Summit Software Stack Deliver Superior Enterprise-Class Wi-Fi Connectivity
- New BL651 Module Joins Laird’s Growing Nordic Family of BLE 5 Solutions
- What You Need to Know About Bluetooth SIG Deprecation of BT v4.1 and Older Specs
- Get a First Look at Laird’s BL654 Bluetooth 5 Module
- Webinar Recap: BLE Mesh – A Practical Guide to Simplify Product Development Time
October 2019 M T W T F S S « Nov 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31