AHRMM eNews Weekly Member Update
Test, your member number is . Please use this number when registering for any AHRMM event or program. 
5 Reasons to Attend AHRMM17 in Washington, D.C., this Summer
1. Learn about the latest tools and ideas in healthcare supply chain.
2. Hear from dynamic, innovative speakers, including Lt. Col. Rob “Waldo” Waldman.
3. Meet friends and make new connections.
4. Obtain or maintain your CMRP designation (earn up to 15.5 CPEs).
5. Explore new medical products and solutions.
AHRMM17 General Session
Interactive eLearning Course: Integrating Physician Leadership in Supply Chain Management
Physician leadership within healthcare supply chain is fast becoming a requirement to help reduce costs and increase quality and outcomes. In this self-paced eLearning course, you will learn how to find the right physician leader and the skills needed to build a value-based, patient-centric supply chain program. Learn best practices and guidelines your team can adapt and modify to fit your own organization’s unique needs.
AHRMM Congratulates New CMRPs
Congratulations to the following individuals for receiving their Certified Resource and Materials Management (CMRP) credential in April 2017:
Linda Bammert, Saginaw, MN
Catherine Bonhoff, O'Fallon, IL
Donna Colby, San Francisco, CA
Kyle Collier, Lawrenceville, GA
Beth Fuller, Middletown, DE
Clayton Jones, Harrisburg, PA
Michael Kersten, APO, AE
Jesse Waite, Puyallup, WA
Heather Woodling, Valley Center, CA
England’s National Health Service, Others Report Ransomware Attacks
Hospitals and other clinical services in England’s National Health Service reported a ransomware attack, a type of cyberattack in which the actors demand the payment of ransom to regain access to a victim’s data. “This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors,” NHS Digital, the information technology arm of the service, said in a statement. “At this stage we do not have any evidence that patient data has been accessed. NHS Digital is working closely with the National Cyber Security Centre, the Department of Health and NHS England to support affected organizations and ensure patient safety is protected. Our focus is on supporting organizations to manage the incident swiftly and decisively, but we will continue to communicate with NHS colleagues and will share more information as it becomes available.” According to press reports, ransomware attacks also were reported today by companies and organizations in dozens of other countries. For more on the United Kingdom incident, see the Daily Security Intelligence Report from the U.S. National Health Information Sharing and Analysis Center, available to AHA members at www.aha.org/cybersecurity. While there is no guidance specific to this attack at this time, the Department of Health and Human Services’ Office of the Assistant Secretary for Preparedness and Response is urging hospitals to “continue to exercise cyber security best practices – particularly with respect to email.” Microsoft provided an update that will patch this vulnerability in March. AHA urges hospitals to review the Federal Bureau of Investigation’s guidance on malware and continue to monitor news reports as additional details of the ongoing attack unfold.
Source: AHA News Now - May 12, 2017
President Issues Executive Order on Cybersecurity, Critical Infrastructure
President Trump issued an executive order on strengthening the cybersecurity of federal networks and critical infrastructure, which includes hospitals and health systems. Among other provisions, the order calls for each federal agency to use the Framework for Improving Critical Infrastructure Cybersecurity developed by the National Institute of Standards and Technology (or any successor document) to manage the agency’s cybersecurity risk; and for agency heads to provide a risk management report to the Secretary of Homeland Security and Director of the Office of Management and Budget within 90 days.
Source: AHA News Now - May 12, 2017
NIST Issues Draft Guidance on Securing Wireless Infusion Pumps
The National Cybersecurity Center of Excellence, part of the National Institute of Standards and Technology, has released draft guidance to help healthcare organizations secure wireless infusion pumps. Developed in collaboration with the healthcare community and manufacturers, the guidance uses standards-based commercially available technologies and best practices to help organizations strengthen the security of their wireless infusion pumps, medical devices used to deliver fluids such as nutrients and medications to patients in controlled amounts. “[W]ith an increasing number of infusion pumps connecting to networks, the vulnerabilities and risk factors become more critical as they can expose the pump ecosystem to external attacks, compromises or interference,” the authors note. According to NIST, the publication includes guidance on how to manage assets, protect against threats and mitigate vulnerabilities by performing a questionnaire-based risk assessment. In addition, the security characteristics of wireless infusion pumps are mapped to currently available security standards and the Health Insurance Portability and Accountability Act Security Rule. NIST will accept comments on the draft guidance through July 7.
Source: AHA News Now - May 10, 2017
AHA Resource Center
Each calendar year, AHRMM members can request up to four hours of research through the AHA Resource Center. Additional time for in-depth projects can be purchased at a special members-only rate.
AHRMM LinkedIn @AHRMMtweets AHRMM YouTube
Association for Healthcare Resource & Materials Management (AHRMM)
155 North Wacker Drive, Suite 400 | Chicago, IL 60606 | www.ahrmm.org
© Copyright 2017 AHRMM.
A personal membership group of the AHA.