Check on patch updates
Conduct a vulnerability scan
Communicate with device vendors
Request help from third-party managers
Work in tandem with IT
Prioritize patches for devices
Isolate infected devices
* Also, don't install unvalidated patches, which could make medical devices faulty or inoperable. Before installing any security updates or patches, ensure that device manufacturers have validated them, and demand documentation of the validation.
* Don't simply turn off or disconnect networked medical devices that have Windows OS concerns. Work with frontline clinicians to understand what the connectivity is used for and the workflow disruption that will result from disconnecting a medical device from the network. In some cases when workflow disruption is deemed acceptable, a disconnection might be an appropriate risk mitigation strategy until the security patches have been installed.