2096198-008 RevD CardioSoft Privacy and Security Manual V7.0


GE Healthcare

CardioSoft™ V7.0
Privacy and Security Manual
Software Version 7.0
2096198-008D

English
© 2018 General Electric Company
All Rights Reserved.
Publication Information
This document describes version 7.0 of CardioSoft V7.0, also referred to as the “product”. It does not apply to earlier product versions. Due
to continuing product innovation, specifications in this document are subject to change without notice.
MUSE, MARS, CASE and CardioSoft are trademarks owned by GE Medical Systems Information Technologies, Inc., a General Electric
Company going to market as GE Healthcare. All other trademarks contained herein are the property of their respective owners.
Date of first CE mark-1997
NOTE:
Illustrations in this document are provided as examples only. Depending on system configuration, screens in the document may differ
from the screens on your system. Patient names and data are fictitious. Any similarity to actual persons is coincidental.
The document part number and revision are on each page of the document. The revision identifies the document’s update level. The
revision history of this document is summarized in the following table.

Revision   Date              Comment
A          20 March 2018     Initial Release
B          15 June 2018      Initial Release
C          18 October 2018   Customer Release
D          26 May 2020       Included "Language Information" section. Removed LDAP account details.

To access other GE Healthcare Diagnostic Cardiology documents go to
https://www.gehealthcare.com/en/support/support-documentationlibrary, and click Enter Customer Documentation Portal.
To access Original Equipment Manufacturer (OEM) documents, go to the device manufacturer's website.
Support
GE Healthcare maintains a trained staff of application and technical experts to answer questions and to respond to issues and problems
that may arise during the installation, maintenance, and use of this product.
If you require additional assistance, contact your GE Healthcare representative or GE Healthcare support at one of the following numbers:
• North America: 1-800-558-7044
• Europe: +49 761 45 43 -0
• Asia: +86 21 3877 7888
Training
This document is intended as a supplement to, not a substitute for, thorough product training. If you have not received training on the use
of the product, you should request training assistance from GE Healthcare.
To see available training, go to the GE Healthcare training website (www.gehealthcare.com/training). Select Education > Product
Education-Technical > Diagnostic Cardiology. For more self-paced course offerings, tools, and reference guides you may find useful,
please visit the GE Healthcare Education Store at www.gehealthcare.com/educationstore.

2 CardioSoft™ V7.0 2096198-008D


Language Information
WARNING (EN): If a customer's service provider requires a language other than English, it is the customer's responsibility to provide translation services.

ПРЕДУПРЕЖДЕНИЕ (BG): Ако доставчикът на услугата на клиента изиска друг език, задължение на клиента е да осигури превод.

VAROVÁNÍ (CS): V případě, že externí služba zákazníkům potřebuje návod v jiném jazyce, je zajištění překladu do odpovídajícího jazyka úkolem zákazníka.

ADVARSEL (DA): Hvis en kundes tekniker har brug for et andet sprog end engelsk, er det kundens ansvar at sørge for oversættelse.

WARNUNG (DE): Falls der Kundendienst eine andere Sprache benötigt, muss er für eine entsprechende Übersetzung sorgen.

ΠΡΟΕΙΔΟΠΟΙΗΣΗ (EL): Εάν το άτομο παροχής σέρβις ενός πελάτη απαιτεί το παρόν εγχειρίδιο σε γλώσσα εκτός των αγγλικών, αποτελεί ευθύνη του πελάτη να παρέχει υπηρεσίες μετάφρασης.

ADVERTENCIA (ES): Si el encargado de mantenimiento de un cliente necesita un idioma que no sea el inglés, el cliente deberá encargarse de la traducción del manual.

HOIATUS (ET): Kui klienditeeninduse osutaja nõuab juhendit inglise keelest erinevas keeles, vastutab klient tõlketeenuse osutamise eest.

VAROITUS (FI): Jos asiakkaan huoltohenkilöstö vaatii muuta kuin englanninkielistä materiaalia, tarvittavan käännöksen hankkiminen on asiakkaan vastuulla.

ATTENTION (FR): Si un service technique client souhaite obtenir ce manuel dans une autre langue que l'anglais, il devra prendre en charge la traduction et la responsabilité du contenu.

UPOZORENJE (HR): Ukoliko korisnički servis zahtijeva neki drugi jezik, korisnikova je odgovornost osigurati odgovarajući prijevod.

FIGYELMEZTETÉS (HU): Ha a vevő szerviz ellátója angoltól eltérő nyelvre tart igényt, akkor a vevő felelőssége a fordítás elkészíttetése.

PERINGATAN (ID): Jika penyedia jasa servis pelanggan memerlukan bahasa lain selain dari Bahasa Inggris, merupakan tanggung jawab dari penyedia jasa servis tersebut untuk menyediakan terjemahannya.

AÐVÖRUN (IS): Ef að þjónustuveitandi viðskiptamanns þarfnast annars tungumáls en ensku, er það skylda viðskiptamanns að skaffa tungumálaþjónustu.

AVVERTENZA (IT): Se un addetto alla manutenzione richiede il manuale in una lingua diversa, il cliente è tenuto a provvedere direttamente alla traduzione.

警告 (JA): サービスを担当される業者が英語以外の言語を要求される場合、翻訳作業はその業者の責任で行うものとさせていただきます。

ЕСКЕРТУ (KK): Тұтынушының қызмет провайдері ағылшын тілінен басқа тілдегі нұсқаны талап етсе, аудару бойынша қызметтерімен қамтамасыз ету тұтынушы жауапкершілігінде болуы тиіс.

경고 (KO): 고객의 서비스 제공자가 영어 이외의 언어를 요구할 경우, 번역 서비스를 제공하는 것은 고객의 책임입니다.

ĮSPĖJIMAS (LT): Jei kliento paslaugų tiekėjas reikalauja vadovo kita kalba - ne anglų, numatyti vertimo paslaugas yra kliento atsakomybė.

BRĪDINĀJUMS (LV): Ja apkalpošanas sniedzējam nepieciešama informācija citā, nevis angļu, valodā, klienta pienākums ir nodrošināt tās tulkošanu.

WAARSCHUWING (NL): Indien het onderhoudspersoneel een andere taal nodig heeft, dan is de klant verantwoordelijk voor de vertaling ervan.

ADVARSEL (NO): Hvis kundens serviceleverandør trenger et annet språk, er det kundens ansvar å sørge for oversettelse.

OSTRZEŻENIE (PL): Jeśli dostawca usług klienta wymaga języka innego niż angielski, zapewnienie usługi tłumaczenia jest obowiązkiem klienta.

AVISO (PT-BR): Se o serviço de assistência técnica do cliente não for GE, e precisar de outro idioma, será da responsabilidade do cliente fornecer os serviços de tradução.

AVISO (PT-PT): Se a assistência técnica do cliente solicitar estes manuais noutro idioma, é da responsabilidade do cliente fornecer os serviços de tradução.

AVERTISMENT (RO): Dacă un furnizor de servicii pentru clienţi necesită o altă limbă decât cea engleză, este de datoria clientului să furnizeze o traducere.

ПРЕДУПРЕЖДЕНИЕ (RU): Если сервисному персоналу клиента необходимо руководство не на английском, а на каком-то другом языке, клиенту следует обеспечить перевод самостоятельно.

VAROVANIE (SK): Ak zákazníkov poskytovateľ služieb vyžaduje iný jazyk ako angličtinu, poskytnutie prekladateľských služieb je zodpovednosťou zákazníka.

OPOZORILO (SL): Če ponudnik storitve stranke potrebuje priročnik v drugem jeziku, mora stranka zagotoviti prevod.

UPOZORENJE (SR): Ako klijentov serviser zahteva neki drugi jezik, klijent je dužan da obezbedi prevodilačke usluge.

VARNING (SV): Om en kunds servicetekniker har behov av ett annat språk än engelska ansvarar kunden för att tillhandahålla översättningstjänster.

UYARI (TR): Eğer müşteri teknisyeni bu kılavuzu İngilizce dışında bir başka lisandan talep ederse, bunu tercüme ettirmek müşteriye düşer.

ЗАСТЕРЕЖЕННЯ (UK): Якщо сервісний інженер потребує керівництво іншою мовою, користувач зобов'язаний забезпечити послуги перекладача.

CẢNH BÁO (VI): Nếu các đơn vị cung cấp dịch vụ cho khách hàng yêu cầu một ngôn ngữ nào khác tiếng Anh, thì khách hàng sẽ có trách nhiệm cung cấp các dịch vụ dịch thuật.

警告 (ZH-CN): 如果维修服务提供商需要非英文版本,客户需自行提供翻译服务。

警告 (ZH-TW): 如果客戶的維修人員有英語以外的其他語言版本需求,則由該客戶負責提供翻譯服務。

Table of Contents

Publication Information
Language Information

1: Introduction

2: Privacy and Security Environment

3: Privacy and Security Capabilities
    Access Controls
        Identity Provisioning
        User Authentication
        Assigning Access Rights
        Patient Privacy Consent Management
    Privacy and Security Audit Logging and Accountability Controls
        Access to Audit Logging Information
        Audit Logging Content
        Management of Audit Logs

4: Information Protection
    Network Security
        Firewall Configuration
        Network Infrastructure
        System Interconnections
        Network Requirements
        Network Protocols
    Removable Media Security
        Data Destruction for Portable Media
    Stored Data Security
        System Data Security
        Backup
        External Data Flows
        Stored Data
    Business Continuity

5: System Protection
    Protection from Malicious Software
        Security Vulnerability Scanning
    Workstation Security
    Product Change Management
        Operating System
        Security Updates / Patches
    Potential Hazardous Situations from IT Network Failures

6: Personal Information Collected by the Product

A: Abbreviations and Definitions

1: Introduction
This manual describes the intended use, privacy and security capabilities, and how
they are configured and used appropriately for the CardioSoft Diagnostic Workstation
(referred to as the "device" throughout this document).
This manual assumes that the reader understands the concepts of privacy
and security. Privacy is the property of protecting the personal private interests
of patients. Security protects both the system and information from risks to
confidentiality, integrity, and availability. Security protects privacy but also protects
more broadly against these risks. Privacy requires security. In Healthcare, one must
balance privacy, security, and safety. Most of the time, there is no conflict between
these three domains of risk. The healthcare provider organization is encouraged to
use risk management procedures to assess and prioritize privacy, security, and safety
risks. Through the use of risk management, one can determine how to best leverage
the capabilities provided in the device.

2: Privacy and Security Environment
The Diagnostic Workstation has been designed for an intended use with the following
expectations of Privacy and Security protections included in the environment where
this product will be used:
• It is intended to be used by trained operators under the direct supervision of a
licensed healthcare practitioner on adult and pediatric patients.
• It is designed to acquire, process, record, archive, analyze and output (12 and 15
lead) ECG data during a period of physiologic stress or during a resting ECG test,
acquire data from ancillary devices (such as Spirometry and Ambulatory Blood
Pressure), provide median morphology recordings and record ECG in real-time,
with or without arrhythmia detection.
• The arrhythmia detection of the Diagnostic Workstation is provided to the user
for the convenience of automatic detection of arrhythmia but does not provide
alarms.
• It provides the control of an external device (typically a treadmill or Ergometer) and
communicates with centralized electronic/digital storage systems via a network.
• It provides a user-selectable option for printouts of prognostic scores on select
reports. Vector loops are also available.
• It can be configured in a network environment for multiple CardioSoft workstations,
allowing the user to create a central database of patient demographics
and collected patient physiological data.
• It is intended to be used primarily in the hospital but can be used in clinics,
physician offices, outreach centers or wherever exercise, stress testing, ECG,
spirometry or ambulatory blood pressure testing is performed.
• It offers no diagnostic opinion to the user. Instead it provides interpretation
statements of morphology, rhythm, and conduction for which the physician
renders their own medical opinion.
• It should be connected to a secured network, not open to unintended users.
• The system should be physically secured in a way that it is not accessible for
unintended users.

8 CardioSoft™ V7.0 2096198-008D


Privacy and Security Environment

• Default application users and passwords should be replaced with customized


users and passwords.
• External media containing patient data, reports and logs should be secured. When
no longer used, the data should be securely erased.
• The system monitors should be placed so that the screen is visible to the user
only.

3: Privacy and Security Capabilities
This device incorporates a broad assortment of capabilities to enable privacy and
security. This section describes the privacy and security capabilities.

Access Controls
The access control features may be used to help control access to sensitive
information. Access control includes user account creation and assigning privileges.
Identity Provisioning
The provisioning of user accounts includes account creation, maintenance, and
suspension of the account when it is no longer needed. A user account is created
for a specific individual. This user account is associated with access rights, and is
recorded in security audit logging.
This device supports the following types of Windows Configured accounts:
• Local user accounts: These user accounts must be managed on the device.
Management of User Accounts
CardioSoft is delivered with the pre-defined Supervisor user account. This user
belongs to the Technician group and has the following privileges:
• Edit Data
• System Configuration
• Setup
The Supervisor user can enable user authentication for the application and create
additional local user accounts.
The Supervisor user can also assign users to groups and grant required privileges to
each user.
A user can be assigned any of the following privileges:

Table 1: User Privileges

User Privilege         Description
Edit Data              Enables editing of test and patient data.
System Configuration   Enables editing of system configuration including configuration of
                       communication with external systems.
Setup                  Enables editing of test settings.
External User          Enables receiving of data from remote test stations.

When receiving the device, it is recommended that the customer selects one of the
following approaches to ensure customer control of the user accounts:
• Manage local user accounts
  a. Create and maintain user accounts for each user of the device.
  b. Assign each user the appropriate privileges.
  NOTE:
  • Make sure to give administrative rights only to users intended to perform
    administrative tasks on the device (this should be a limited number of
    users).
  • It is recommended to create individual users for each person who will use
    the device. This is required to associate actions performed on the device
    with individual persons in the audit logs.
  • It is recommended to establish routines to remove or disable user accounts
    which are no longer in use.
Password Policy
It is recommended to establish operational procedures to implement password
policies. Follow these guidelines when setting or changing the password for a local
user account:
• The password must contain at least 6 characters.
• It is recommended to set a password with at least one occurrence of each of the
  following character types:
  • Uppercase letter (A-Z)
  • Lowercase letter (a-z)
  • Number (0-9)
  • Special character (!,@,#,$,%,^,&,*)

User Authentication
User authentication ensures that the user attempting to use the application is the
user associated with the account.

Assigning Access Rights
Assigning access rights is an administrative process to associate privileges/windows
based with user accounts.
A user defined on the device will be assigned a set of user privileges. This is done by
granting the user account membership to a specific role-based group on the device.
Only the Supervisor user can create and manage the local user accounts.
Service Access
A GE service engineer with a user account can access the Service screen by entering
the Service user password. The service engineer can diagnose issues with the
application using the service application logs and diagnostic tests.
Patient Privacy Consent Management
Patient Privacy Consent Management is the process of supporting the patient
expressing their privacy requirements. This is distinct from other forms of consent
such as the consent to treat.
There is no integrated functionality in the system for Patient Privacy Consent
Management. If needed, operational routines must be established.

Privacy and Security Audit Logging and Accountability Controls
Privacy and Security Audit Logging and Accountability Controls support security
surveillance and privacy investigations and reporting.
This device provides integrated functionality for both event and audit logging,
including audit logging of privacy-related events. The log functionality includes
capabilities to display the logged events on the device and export the logs to a USB
flash drive or an external media drive. Audit logs may contain Personal Information;
event logs contain only debugging information and do not contain Personal
Information.
Access to Audit Logging Information
A user logged into the PC can access the audit logs through the Event Viewer. Only
users with the System Configuration privilege can configure which events are logged
in the audit logs.
Audit Logging Content
The following audit events are logged in the Windows application log and can be
viewed in the Event Viewer:
• Program Start/Stop
• Procedure Editing
• Procedure Viewing
• Setup Editing
• Procedure Creation
• Procedure Deletion
• Procedure Sent or Print
• Procedure Review
The following information is logged in the Windows application log for each audit
event:
• Log Name
• Source
• Event ID
• Level
• User
• Time stamp in local time
• Task Category
• Computer
• General Description

Management of Audit Logs


Audit logs and exported audit log files may contain Personal Information (PI) and
must be handled according to applicable regulations and guidelines for handling of
Personal Information.
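
A review built on the audit events and fields listed above, as an added example (not GE Healthcare code): it classifies audit records by event type and flags deletions, setup edits and actions recorded under the shared Supervisor account, reporting only time, computer, user and event type so that no Personal Information from the description is copied out. The sample records are constructed, and it is an assumption that the event type appears in the description text; this manual does not give the event source name or Event IDs.

```powershell
# Added example. Records below are constructed; property names follow the
# fields this manual lists per audit event (User, time stamp, Computer,
# General Description). Assumption: the description names the event type.
# On the workstation the records would come from the Windows Application log
# (for example Get-WinEvent -LogName Application), filtered to the product's
# event source and mapped to the property names used here.

# Event types from "Audit Logging Content", each with a match pattern.
$AuditEventPatterns = [ordered]@{
    'Program Start/Stop'      = 'Program (Start|Stop)'
    'Procedure Editing'       = 'Procedure Editing'
    'Procedure Viewing'       = 'Procedure Viewing'
    'Setup Editing'           = 'Setup Editing'
    'Procedure Creation'      = 'Procedure Creation'
    'Procedure Deletion'      = 'Procedure Deletion'
    'Procedure Sent or Print' = 'Procedure (Sent|Print)'
    'Procedure Review'        = 'Procedure Review'
}

function Get-AuditEventType {
    param([string]$Description)
    foreach ($entry in $AuditEventPatterns.GetEnumerator()) {
        if ($Description -match $entry.Value) { return $entry.Key }
    }
    return 'Unclassified'
}

function Get-AuditFinding {
    param(
        [Parameter(Mandatory)] [object[]]$Record,
        # Accounts used by more than one person; the pre-defined Supervisor is one.
        [string[]]$SharedAccount = @('Supervisor')
    )
    foreach ($r in $Record) {
        $type    = Get-AuditEventType -Description $r.Description
        $reasons = @()
        if ($SharedAccount -contains $r.User) {
            $reasons += 'shared account, action not attributable to a person'
        }
        if ($type -eq 'Procedure Deletion') { $reasons += 'procedure deleted' }
        if ($type -eq 'Setup Editing')      { $reasons += 'test settings changed' }
        if ($type -eq 'Unclassified')       { $reasons += 'unknown event text' }
        if ($reasons.Count -gt 0) {
            # The description is deliberately left out: it may hold a Patient ID.
            [pscustomobject]@{
                TimeStamp = $r.TimeStamp
                Computer  = $r.Computer
                User      = $r.User
                EventType = $type
                Reason    = $reasons -join '; '
            }
        }
    }
}

# Constructed sample records (host name, users and patient IDs are made up).
$SampleRecords = @(
    [pscustomobject]@{ TimeStamp = [datetime]'2024-03-04T08:02:11'; Computer = 'STRESS-LAB-01'
                       User = 'a.nurse';    Description = 'Program Start' }
    [pscustomobject]@{ TimeStamp = [datetime]'2024-03-04T08:10:40'; Computer = 'STRESS-LAB-01'
                       User = 'a.nurse';    Description = 'Procedure Creation: patient ID P-0001' }
    [pscustomobject]@{ TimeStamp = [datetime]'2024-03-04T09:41:03'; Computer = 'STRESS-LAB-01'
                       User = 'Supervisor'; Description = 'Procedure Deletion: patient ID P-0001' }
    [pscustomobject]@{ TimeStamp = [datetime]'2024-03-04T09:45:27'; Computer = 'STRESS-LAB-01'
                       User = 'Supervisor'; Description = 'Setup Editing' }
    [pscustomobject]@{ TimeStamp = [datetime]'2024-03-04T10:05:52'; Computer = 'STRESS-LAB-01'
                       User = 'b.tech';     Description = 'Procedure Sent: patient ID P-0002' }
    [pscustomobject]@{ TimeStamp = [datetime]'2024-03-04T17:30:00'; Computer = 'STRESS-LAB-01'
                       User = 'a.nurse';    Description = 'Program Stop' }
)

# Events that need a second look.
Get-AuditFinding -Record $SampleRecords | Format-Table -AutoSize

# Activity count per user and event type, again without descriptions.
$SampleRecords |
    Select-Object User, @{ Name = 'EventType'
                           Expression = { Get-AuditEventType -Description $_.Description } } |
    Group-Object User, EventType |
    Sort-Object Name |
    Format-Table Count, Name -AutoSize
```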

4: Information Protection
This section focuses on Privacy and Security operations, and contains information to
guide in the preparation of a secure environment for the device.
Security operations are best implemented as part of an overall “defense in depth”
information assurance strategy, implemented via an Information Technology
system that addresses personnel and physical security and technology. The layered
approach of "defense in depth" limits the risk that the failure of a single security
safeguard will allow compromise of the system.

Network Security
GE Healthcare strongly recommends that medical information systems are operated
in a secure network environment that is protected from unauthorized intrusion.
There are many effective techniques for isolating and protecting medical information
systems, including implementing firewall protection, demilitarized zones (DMZs), and
Virtual Local Area Networks (VLANs).
To assist in secure network design, the following network profile outlines the required
network services for the device.
The device is supported with an internal firewall. The following two sections describe:
• Configuration of the firewall
• Guidance for configuring the IT infrastructure where it is connected.

Firewall Configuration
All inbound and outbound connections are blocked by the internal firewall of the
device. When the user configures any settings related to NTP, DCP communication,
MUSE system, shared network folder, or remote application access, the device allows
only configured connections. The firewall configuration utility in service can provide
options to customize the network firewall as per the site's network requirements. This
configuration is accessible to a user with service privileges.

Network Infrastructure
The infrastructure of the network where the device is connected must be configured
to allow traffic as per the site's requirements. All other traffic to and from the device is
blocked in the network infrastructure to prevent unintended access.
System Interconnections
The system interconnections are described in the following table:

Source/Destination                  Flow                Description
DCP                                 Incoming/Outgoing   Sending Resting ECG and Exercise test records to the MUSE
                                                        system or EMR or HIS.
                                                        Receiving the ECG records from Carts.
MUSEAPI3                            Incoming/Outgoing   Sending/Downloading orders from the MUSE system
NTP                                 Incoming            Time synchronization
HTTP/HTTPS                          Incoming/Outgoing   Internet Explorer Web browser
Windows Shared Folder               Incoming/Outgoing   Sending/Receiving the ECG records to/from MUSE system or
                                                        HIS.
                                                        Receiving the ECG records from Carts.
USB/External Media storage device   Incoming/Outgoing   Exporting Resting ECG and Exercise test records, exporting
                                                        log files, exporting/importing configuration settings, and
                                                        performing software upgrade

For a particular installation, a subset of the interconnections is utilized.


Network Requirements
System Computer (Host) Characteristic
• Both DHCP and static IP allocation are supported.

Network Protocols
Internet Protocols Version
The following internet protocol versions are supported:
• Internet Protocol version 4 (IPv4)
• Internet Protocol version 6 (IPv6)
Ethernet Interface
The following Ethernet interfaces are supported:
• LAN
• WAN
• WLAN

Removable Media Security


The device supports removable media such as external USB storage devices.
USB storage devices are used for:
• Exporting patient reports
• System configuration backup and restore
• User configuration backup and restore
• Upgrading software
• Exporting event logs (service logs) and audit logs (Windows application logs)
Data stored on removable media is stored unencrypted. As this data could contain
PI/PHI, removable media and the content on removable media must be handled
according to applicable regulations and guidelines for handling PI/PHI. A user with
configured access can export the logs; if access is not configured, all users of the
device can access the logs.
The system cannot be started from USB removable media. The device
can only launch from system internal memory. For disaster recovery, contact your GE
Healthcare Service support representative.
Data Destruction for Portable Media
This device does not have an internal functionality for secure deletion of data stored
on removable devices.
Approved procedures and tools should be used for secure removal of data stored on
removable media, according to applicable regulations and guidelines for handling
PI/PHI.

Stored Data Security


System Data Security
Data stored on the system is stored in binary on the system’s internal memory.
CardioSoft supports encryption of all PI, PHI and sensitive data at rest using a
standard hard drive encryption mechanism (for example, Microsoft Windows BitLocker
using 128-bit or 256-bit encryption).
Backup
This device does not have the capabilities to automatically back up your data. Data
can be backed up to external media. The device stores data unencrypted to the
backup target. This includes export of patient reports and patient information to a
USB drive.

The removable media used for the backup must be secured to ensure the security of
the backed up data from the device.
External Data Flows
The device supports interconnections to external storage systems. This includes
shared folders on the network for software updates, or communication with the
MUSE system. Data stored on the interconnected system must be
secured on the external storage system (outside the scope of this device).
Stored Data
Data on the device, such as patient information in the database, patient reports, and
audit logs, is stored as binary on the file system.
Event logs are not encrypted, but contain only debug information. They do not
contain PI/PHI.
The directories potentially containing PI on the host computer are listed in the
following table:

Table 2: Patient Data Stored on Host Computer

Data            Description
Local Archive   Database containing personal information (PI)
Audit log       Readable audit log containing personal information (PI) such as Patient ID

Business Continuity
This device is not intended to be a long-term storage archive. This device can
transmit unencrypted patient reports to the MUSE system or a USB drive. After
transmitting patient reports to any of these destinations, customers are responsible
for their own archive solution. To ensure business continuity, the target for the patient
data archive must be chosen carefully to ensure safe storage of the data.
In the event of power failure or other cases requiring restarting of the device, patient
reports saved on the device are not lost. A patient report that was not accepted and
saved before the event occurred will be lost.
If the hard disk is replaced, the patient data stored on the device is lost. Back up the
data before you replace the hard disk.

5: System Protection
The system must be configured and maintained in a way that continually protects
privacy and security.

Protection from Malicious Software


The computing environment is increasingly hostile, and threats continue to grow
from malicious software, including computer viruses, worms, Trojan horses, denial
of service attacks, and other malware. Vigilant defense on many levels is required to
keep systems free from compromise by malicious software. In most cases, effective
protection requires cooperation and partnership between GE Healthcare and our
customers.
Commercial anti-virus software is commonly used on general-purpose computers
to detect the presence of malicious software. Anti-virus software is useful on
general purpose computers as they cannot be sufficiently hardened against the
attack vectors used by malicious software. This device, however, is a single purpose
(dedicated) device that has controlled intended use. The functional performance risks
introduced by using commercial anti-virus software would outweigh the security
benefits. Such risks include:
• Real-time anti-virus scanning can affect system performance.
• Quarantining of clinical data that appears to match a virus signature.
• Introduction of false-positive results.
• The anti-virus software itself is a popular attack vector.
• Disruptive nature of the support of the anti-virus software throughout the life
cycle of the medical device. The operating system is part of a medical device that
requires a special and controlled release process. Any update of the anti-virus
software would require a change of the system software.
Due to the cited risks, the use of commercial anti-virus software is not part of the
product security strategy.
This device is protected from malicious software attacks in the following ways:
• The file system is read-only. This prevents copying of viruses to the file system.

• The USB drives mounted on the device are provided read-write access, but cannot
be executed.
• The software must be digitally signed before it can be installed.
• You must have the software update privilege to install the software.
• The network firewall blocks inbound transfers.

Security Vulnerability Scanning


Potential security vulnerabilities of the device are identified using an
industry-standard system security scanning tool. Identified vulnerabilities are
mitigated as appropriate based on the risk assessment of the product.
Security scanning is performed at several stages during development of the product.

Workstation Security
The customer can configure this device to improve operational security, for example through:
• Manual and automatic standby
• Manual and automatic lock
• Manual and automatic shutdown
• Firewall considerations
• Network digital certificate management
• Considerations for workstation removable media such as the USB interface

Table 3: Workstation Security

Feature: GE Healthcare service access
Description: Service mode access on the device can be controlled by individual user
authentication privileges. By default, GE Healthcare field engineers do not have
access to the device, ensuring that no unauthorized users can gain access. A local
administrator can enable the local Service User account as necessary. To modify
device information, a service engineer needs to log in using the Service User
account and a device-specific password. To perform any other service tasks, a
service engineer can log in using the Service User account or a user account with
sufficient service access privileges.

Feature: Automatic screen lock
Description: If user authentication is enabled, the device can be locked and Automatic
Screen Lock can also be enabled. The inactivity timeout duration after which the
screen automatically locks is configurable. When the screen is locked, no patient
information is visible on the screen. To unlock the screen, the user must enter the
password of the currently logged-in user of the system or log in as another user.
Logging in as another user logs out the currently logged-in user.

Product Change Management


Operating System
For the operating systems supported with CardioSoft, refer to the Installation Manual.
Security Updates / Patches
GE Healthcare is constantly monitoring for security vulnerabilities applicable to
its products. This includes vulnerabilities in the application software, third-party
components, and the underlying operating system.
Announced vulnerabilities in the operating system or other third-party components
are assessed based on the device configuration and use.
When needed, GE Healthcare will release software updates that include any
applicable security updates and patches.

Potential Hazardous Situations from IT Network Failures


The following have been identified as potentially hazardous situations resulting from
IT network failure:
• Delayed or impaired access to patient reports or patient data
• Corruption of patient reports or patient data
• Inability to synchronize time
Connection of the device to a network that includes other equipment could result in
unidentified risks to patients, operators or third parties. The responsible organization
should identify, analyze, evaluate, and control these risks on an ongoing basis, and
after changes are made to the network that could introduce new risks and require
additional analysis, such as:
• Changes in network configuration
• Connection of additional items to the network
• Disconnecting items from the network
• Update of equipment connected to the network
• Upgrade of equipment connected to the network

6 Personal Information Collected by the Product
This device collects patient demographic information and personal or protected
health information for use within the system.
Information regarding the users defined on the system is also collected. The following
types of information are collected for the purposes of patient medical diagnosis, user
management, audit logging, and event logging:
• Patient and test demographics
• Patient reports
• Facility information
• Provider information
• Device data
If the device is connected to external systems, patient information and reports will
be communicated to/from the external systems. The data collected by the device is
protected on the system. The PI collected on the device includes:
• Patient ID
• Patient first name
• Patient last name
• Patient gender
• Patient date of birth
• Patient age
• Patient height and weight
• Patient race
• Secondary PID
• Referring MD
• Ordering MD

• Attending MD
• Order number
• Order date and time
• Order status
• Order type
• Visit number
• Technician
• Location number
• Location abbreviation
• Room number
• Medical history
• Medications
• Blood pressure
• Heart rate
• Extra questions
• Serial number
• IP address
• Device ID
• User role
• Reason for the test
• Comment
• Test type

A Abbreviations and Definitions
Table 4: Abbreviations

DHCP Dynamic Host Configuration Protocol

ID Identity

LAN Local Area Network

WAN Wide Area Network

WLAN Wireless Local Area Network

USB Universal Serial Bus

AD Active Directory

NTP Network Time Protocol

DCP DCAR Communication Protocol

EMR Electronic Medical Records

CPU Central Processing Unit

HIS Hospital Information System

Table 5: Definitions

Online Center A GE Healthcare service center

GE Medical Systems Information Technologies, Inc.
8200 West Tower Avenue
Milwaukee, WI 53223 USA
Tel: +1 414 355 5000
Tel: +1 800 558 5120 (US Only)

GE Medical Systems Information Technologies GmbH
Munzinger Straße 5
79111 Freiburg Germany
Tel: +49 761 45 43 - 0

GE Medical Systems Information Technologies, Inc., a General Electric Company, going to market as GE Healthcare.

www.gehealthcare.com
