June 26, 2017 — Fujifilm Medical Systems U.S.A. Inc. announced that its Synapse PACS (picture archiving and communication system) line has been granted Authority to Operate (ATO) on networks in the U.S. Department of Defense (DoD). The announcement makes Fujifilm the first vendor with a networked medical system to attain a Risk Management Framework (RFM)-based ATO.
In the past year, the DoD transitioned from its traditional DIACAP process to a new RMF process for evaluating technologies and determining ATO status. The new process contains thousands of changes and generally takes over a year to complete.
The Risk Management Framework provides a process that integrates security and risk management activities into the system development life cycle. The risk-based approach to security control selection and specification considers effectiveness, efficiency and constraints due to applicable laws, directives, Executive Orders, policies, standards or regulations.
After completing a thorough security assessment, the DoD determined that Fujifilm’s Synapse PACS line meets its controls for RMF including the DoD 8500 Series controls and the Security and Technical Implementation Guides (STIG) requirements. The new ATO granted to Fujifilm is valid until March 2020.
For more information: www.fujimed.com