Today, vast amounts of sensitive patient information and data are kept within the modern healthcare provider network. Unfortunately, the large increase in ransomware attacks experienced by the sector is another indication that hackers are becoming an ever-greater threat. For Varian and its customers, cybersecurity is a top priority. Together, we have a shared responsibility to maintain robust, end-to-end defenses that keep systems secure.
Our Approach to Data Protection and Security
Our products and services are developed with a focus on quality and patient safety. We work collaboratively with vendors and healthcare providers to promote true data security, helping to ensure that our products are safe and secure, with information access restricted to authorized users. We take this issue extremely seriously, and forge partnerships with others across the healthcare and technology industries to minimize the danger of data security breaches and protect patients.
Varian continuously invests in its robust cybersecurity program. Our information security office is staffed by employees with broad cybersecurity backgrounds, and we partner with our product engineering and IT departments to build security into our overall systems development lifecycle from inception and design, through operation and ultimately to product retirement. The teams collaborate with cybersecurity experts and IT stakeholders from customer sites to identify risks and plan security enhancements.
Safeguarding Patient Information
Data analytics and cloud-based, mobile solutions offer significant promise for human-centered cancer care, unlocking useful tools for both physicians and patients. For example, our Noona app allows patients to actively engage with their cancer care team and report outcomes, providing oncologists with the potential to analyze data and use it to change research and treatment protocols in real time. Noona is certified to ISO 27001, the internationally recognized security certification, indicating the paramount importance we place on maintaining the integrity of information in our care.
Beyond patient information, we also are focused on ensuring the security and privacy of our employees’ personal information. Our processes are designed to ensure we only collect and provide access to personal information for valid, legal, business-related reasons.
Our Computer Emergency Response Team (CERT) is the contact point for external stakeholders to report potential product security vulnerabilities.