User Manual
Table Of Contents
Privacy and Security
8-14 Vscan Extend – User Manual
5721203-100
Rev. D
Data destruction for portable media
The Vscan Extend does not have the internal functionality to
securely delete data stored on the removable devices.
Approved procedures and tools should be used to securely
remove data stored on removable media, according to
applicable regulations and guidelines for handling patient
information / personal information (PI) / protected health
information (PHI).
Data at Rest Security
Patient data is encrypted and images/videos/logs are
unencrypted.
Back-up
The Vscan Extend backup feature stores data in an encrypted
format. Only images are backed up; no patient information is
displayed.
The backup device must be secure, whether it is removable
media or a server, to ensure no unauthorized intrusion.
External dataflows
The Vscan Extend supports interconnections to external storage
systems. This includes connections to Remote Archives
(Windows Share) and DICOM servers. The security of data
stored on these systems must be secure.
d on the external storage system (outside the scope of the
Vscan Extend Ultrasound system).
Data Integrity Capabilities
To ensure the integrity of any software update, the Vscan
Extend has additional security installed to detect any malicious
modifications to a software update package.
Integrity assurance is implemented to software updates
packages for the Vscan Extend Ultrasound system. Malicious
modifications to a software update packages will be discovered
at install time, and the installation of the malicious software will
be prohibited.
The Vscan Extend has integrated audit log capabilities that logs
changes to the data. See ‘Privacy and Security Audit Logging
and Accountability Controls’ on page 8-4 for more information.