Best Practices Framework for
Health Care Cyber Protection of MEP Systems

Best Practices Framework for Health Care Cyber Protection of MEP Systems

Cyber-risk mitigation is least expensive and most effective when implemented at the initial planning stage of a project. This monograph introduces best practices to mitigate cyber-risk for mechanical, electrical and plumbing (MEP) systems. Vulnerabilities to health care MEP cyberthreat include the disabling of a life safety system, equipment damage, disruption of facility operations or a cyber entry point to a larger hospital network. Cyber-risk increases as buildings and equipment become smarter, more connected and more reliant on networks.

This document outlines a team approach, starting with the health care organization leadership setting the expectations and cyber-risk mitigation tone for the project. When executive leadership empowers information technology, operational technology and facilities professionals, an effective cyber-risk mitigation plan can be enacted. A thoughtful cyber-risk process addresses the safety, efficiency and compliance goals of the health care facility.

This monograph is based on a holistic design and construction process to set up owner operations for success. While it is directed toward new construction projects, the principles may be applicable elsewhere.

 Members Access PDF Members can download a free PDF of the entire monograph
Nonmembers Download PDF Catalog number: P055588
Nonmember: $35.00
Order Print Version Product code: 055588
Member: $25.00, Nonmember: $35.00
Construction RACI Members and Nonmembers download template for free
Design RACI Members and Nonmembers download template for free

Related Resources

This handbook lays out the processes and flow of a health care project, including planning, design and construction. It takes a sequential approach…
Compliance Tools
These crosswalks allow facility professionals to understand how the accreditation standards align with the CMS Conditions of Participation (CoP’s)
This guidebook seeks to help health care facilities managers start down the path to a successful RCM program. It reviews the basics of RCM, details…
Compliance Tools
The Joint Commission (TJC) introduced changes to the Emergency Management (EM) standards which became effective on July 1, 2022.
Compliance Tools
Help prepare your facility for adverse weather-related events through this article and adverse weather checklist available to ASHE members.
Case Studies
Treasure Hunt uncovers $116,600/year in potential energy savings to reallocate to patient care.