Part of Architecture pattern for connected medical devices - Pathology Pillar
Pathology specific design principles
For this pattern, we recommend that you also consider the following:
- The logical group of assets should be based on a mix of connected medical devices (CMDs) to prevent the unavailability of a CMD type in event of a cyber-attack.
- Segmentation of pathology diagnostics devices should be based on the result of a risk assessment conducted with the clinical safety officer to reduce the potential impact to clinical services by segmentation.
- Ensure proper business continuity planning is considered when determining the logical grouping of CMDs, as part of the overall network segmentation strategy, with participation of a clinical safety officer.
- Intra or inter laboratory information management system (LIMS) virtual local area network (VLAN) traffic must be over secure protocol. National Pathology Exchange (NPEx) is currently used for the exchange, but this communication should be over a secure transport protocol. See the National Cyber Security Centre (NCSC) guidance on secure protocols.
- You should deploy your point-of-care testing (POCT) systems in dedicated VLANs, separate from the LIMS VLAN.
- Traffic originating from the request and order VLAN to the LIMS VLAN must be restricted to source and destination IP addresses, service and port numbers, as required for daily functionality.
- VLANs must be associated with unique IP subnets on the network, to ensure effective segmentation.
- For inter-VLAN routing, access controls lists must be configured on the connecting router to ensure only authorised traffic is forwarded between the applicable VLANs enabling the routing process in a multi-VLAN environment.
- Supplier remote access servers should be deployed in a dedicated demilitarised zone (DMZ) complemented with security policies to ensure only authorised traffic is permitted.
- Where VLAN trunk links are configured to traffic frames between switches on the network, ensure authorisation to share such information is obtained especially for VLANs that host critical national infrastructure.
- Network experts should consider the limitation of a maximum 254 IP addresses available per subnet when designing VLAN segmentation.
Last edited: 8 November 2023 4:31 pm