The use case regards procurement of a new Point of Care Testing (POCT) device (for local blood analysis) and its deployment in 10 clinical wards. The POCT will be connected with the Laboratory Information System (LIS).
The procurement and deployment process is articulated in 11 steps (1. Analyse proposal to assess compliance with Security stds, , …, 10. Monitor impact on users’ behaviours, 11. Analyse and take action if needed). For each step, ten organizational actors are involved (CISO, DPO, Training, Procurement) and PANACEA tools can be used, specifically for the step (e.g. CST in step 1.).
During a workshop, the most relevant actors simulated the execution of the entire process. The process “walk-through” was facilitated by the PANACEA team, which also showed how eight tools can be used.
The use case shows how the PANACEA tools (DRMP, CST, SBDF, IMP, SBNT, TECT, RGT) can be used to implement a robust “security by design” approach while performing the process, to avoid that cybersecurity new vulnerabilities are imported.
The integrated use of PANACEA tools offers a more structured method to
“An end-to-end structured approach to the procurement of technological asset is really useful” Information Security Officer.
“I really appreciate the clear definition of roles and of the “shared responsibility” of the parties involved, in particular ICT and Clinical Engineering Departments, along the phases of the procurement process” Clinical Engineering Officer.
“The fact that the method covers also the “human factors” aspects is really positive and an advance vs the current culture, which is techno-centric” Medical Doctor.