Radiometer provides comprehensive security protection 

Protecting sensitive data and systems 

  • Request more info
    Learn more about how Radiometer provides security protection
    Contact Info
    Workplace Details
    By submitting this form, I acknowledge that I have reviewed and understood the data privacy notice.

    All fields must be filled!

  • Download documents
    Sign up for accessing technical papers for our analyzers and our security model sheet
    Contact Info
    By submitting this form, I acknowledge that I have reviewed and understood the data privacy notice.

    All fields must be filled!

  • ISO 27001:2013 certification
  • Multi-layered defense system
  • Strengthens patient data protection

Let us help keep your hospital’s digital network safe from risk

We offer:

  • security through design and product lifecycle management
  • ongoing risk monitoring and vulnerability management
  • built-in defense layers
  • regular security updates as required

This fortified, diversified approach allows you to use our devices without fear of compromise or downtime, so you can concentrate on delivering the best possible care to those most in need.

Radiometer Medical’s information Security Management System comprehensively complies with ISO 27001:2013. Our System’s broad scope includes:

  • Design and delivery of software systems, blood gas analyzers, transcutaneous blood gas and pulse oximetry monitors, and fluorescence immunoassay analyzers
  • Design, deployment, operation and servicing of digital services critical to supporting our analyzers on site
You must give your consent to marketing cookies to view this content.
Click here to renew consent

A risk-based approach for enhanced protection

As the engineers and experts of our connected medical devices, we understand the importance of incessant risk monitoring. From preliminary designs through every stage of a solution’s lifecycle, we continuously identify and protect our devices from cybersecurity threats and vulnerabilities.

This risk-based approach ensures we enhance protection while minimizing any operational impact.

 


Software vulnerabilities

We assess our solutions’ software through the Common Vulnerability Scoring System (CVSS), an open industry standard framework for evaluating cybersecurity vulnerabilities in software.
Coordinated vulnerability disclosure

Penetration test

An independent third-party vendor conducts penetration tests of our products and services. These tests evaluate the security of a system and explore both identified and unidentified vulnerabilities.

A risk-based approach for enhanced protection

As the engineers and experts of our connected medical devices, we understand the importance of incessant risk monitoring. From preliminary designs through every stage of a solution’s lifecycle, we continuously identify and protect our devices from cybersecurity threats and vulnerabilities.

This risk-based approach ensures we enhance protection while minimizing any operational impact.

 


 


Software vulnerabilities

We assess our solutions’ software through the Common Vulnerability Scoring System (CVSS), an open industry standard framework for evaluating cybersecurity vulnerabilities in software.
Coordinated vulnerability disclosure

Penetration test

An independent third-party vendor conducts penetration tests of our products and services. These tests evaluate the security of a system and explore both identified and unidentified vulnerabilities.

Your partner in compliance and data security

Using our multi-layered security system will help you meet increasing security needs while protecting both patient data and connectivity from viruses and malware attacks.


Explore system features below:


Your partner in compliance and data security

Using our multi-layered security system will help you meet increasing security needs while protecting both patient data and connectivity from viruses and malware attacks.


Explore system features below:

 

Radiometer analyzers

  • Stored data including PII/PHI* is encrypted.
  • All unused ports are closed.
  • Audit trail registers all users logging on and off.
  • Windows Firewall is always enabled.
  • Application Control – only software approved by Radiometer can be installed.
 

Connection between devices and AQURE middleware

  • Customers are responsible for the PCs and servers placed in their hospital.
  • All access to AQURE data is managed through the application, based on specific rights for managed users.
 

Data in motion to Radiometer

  • No PII/PHI* data transfer, only analyzer performance related data
  • Outbound connection only through dedicated ports.
  • Authentication and outbound data encryption only through TLS protocols.
  • All certificates used during endpoint authentication are issued by Radiometer.
 

Data insights – Microsoft cloud

  • No PII/PHI* data stored.
  • Only analyzer and software performance-related rich data are stored (e.g., status and QC).
 

Radiometer field service engineer troubleshoots remotely

  • Access is restricted to certified Radiometer field service engineers
  • No PII/PHI data are visible or accessible at any time.
  • Any remote access to a device is logged with a timestamp, technician ID and a video of the entire session.
 

Radiometer network

  • Network for remote support trouble shooting.
  • No PII/PHI* data stored - only analyzer and software performance-related are stored.
  • All Radiometer’s digital solutions are enabled with multi-factor authentication.
 

Radiometer transcutaneous monitor

  • Patient and performance data located on the monitor are encrypted.
  • The device has three levels of user roles: key operator, operator, and service user.
  • Data transmission to other devices is possible via cable and network.
* PII = Patient Identification Information / PHI = Patient Health Information

We have established a multi-layered defense system

We share the responsibility of implementing and monitoring the various security layers with our customers. While the specifics of each layer will differ depending on the device or solution in question, they can broadly be categorized as:



Data at rest

Protection of the data through encryption, scrambling and anonymization, as appropriate.

Application

User management protects limited access via ID and password control, authentication, software installation control, and audit trails of activity.

Operating system

Based on Microsoft-supported operating systems hardened with restrictions imposed as appropriate, Application Control, Patch management and system updates tested prior installation.

Physical layer

Guidelines around responsibilities of customers and users to prevent unwarranted access.

Network

Firewall to protect data, port protection prevents breaches and allows for remote support and data insights.

Policies

Radiometer follows industry-recommended security best practices throughout our development lifecycle, deployment, and operations.

Application Control

Application Control is a means of ensuring only software signed and approved by Radiometer can be installed and run on the analyzer. Malware will lack the digital signature that approves the software and thus, cannot be installed. Only Radiometer can sign the software.

Application Control improves cybersecurity. If a program is not on our list of approved software, it cannot be run on the analyzer.

Patch management

Radiometer has established processes to monitor and evaluate the security updates of all third-party vendor software embedded in our solutions including Microsoft supported operating systems.

These updates are assessed with respect to applicability (relevance) and risk to decide when patching is needed. This can activate specific communication processes contingent upon the severity of an identified vulnerability.

Industry-recommended security best practice

We comply with the following standards:
  • ISO 27001:2013 Information Security Management
  • ISO 14971 Medical devices – Application of risk management to medical devices
  • ISO/IEC 80001-1 Application of risk management for IT networks incorporating medical devices
  • IEC 62304 Medical device software – Software lifecycle process
We comply with the following standards:
  • EC 62366 Medical devices – Part 1: Application of usability engineering to medical devices
  • HIPPA/HITECH
  • ANSI/NEMA HN 1 2019
  • GDPR – Data privacy policy is available at www.radiometer.com/DPN
We comply with the following standards:

We´ll help keep you secure and compliant

As part of our customer care offering, we continuously monitor and update your Radiometer solutions’ software to ensure compliance, add new functionalities and make necessary corrections.

Software updates and security packages for ABL and AQT analyzers are part of our various levels of service agreements.

We´ll help keep your software and Radiometer solutions current and secure as we support you in taking care of the patients at hand.

An integrated POC IT and Services solution

Security is part of Connect & Care.

Connect & Care is a customizable, total solution that connects and supports medical devices, data, and people to keep your POC testing setup running smoothly, placing you a step ahead to put life first.

Learn more
MAPSSS-000273 R5

Cookies are used on this website

Use of cookies
Don't show this message again
Confirm your account with Radiometer

Please enter a valid email

CONTINUE
By submitting your e-mail you agree to the data policy notice
Radiometer is using Microsoft Azure Active Directory to authenticate customer access. If you are already registered you will be taken to Microsoft AD to sign in using your Microsoft AD credentials.
You are already registered
SIGN IN
Radiometer is using Microsoft Azure AD to authenticate customer access. If you are already registered you will be taken to AZURE to sign in using your AZURE credentials.
Thank you

We will be sending an e-mail invitation to you shortly to sign in using Microsoft Azure AD.

CLOSE BANNER
Radiometer is using Microsoft Azure AD to authenticate customer access.
Sorry

It seems that your e-mail is not registered with us

TRY AGAIN CONTINUE
Radiometer is using Microsoft Azure AD to authenticate customer access. If your e-mail is not registered with us please click CONTINUE and we will guide you through the sign-in process.
We have previously sent an invitation by e-mail

Please click "Get started" in the e-mail to complete the registration process

RESEND E-MAIL
Radiometer is using Microsoft Azure AD to authenticate customer access.
Sorry

We were not able to process your request due to a communication error

TRY AGAIN
Sorry

It seems this account has not been given access to the portal

Continue

Radiometer is using Microsoft AZURE Active Directory to authenticate users

Radiometer uses Azure AD to provide our customers and partners secure access to documents, resources, and other services on our customer portal.

If your organization is already using Azure AD you can use the same credentials to access Radiometer's customer portal.

Key benefits

       
  • Allow the use of existing Active Directory credentials
    •    
  • Single-sign on experience
    •    
  • Use same credentials to access future services    

Request access

You will receive an invitation to access our services via e-mail when your request  has been approved.

When you accept the invitation, and your organization is already using AZURE AD, you can use the same credentials to access Radiometer's customer portal. Otherwise, a one-time password will be sent via e-mail to sign in.