Cybersecurity and Privacy

An Essential Priority within the Mindray Distributed Monitoring Network

The digitization of healthcare in the U.S. continues to accelerate. From Electronic Medical Records (EMRs) to millions of connected medical devices, the flow of patient information is increasing exponentially. With such an increase in the volume and modes of data transmission, there comes a greater vulnerability to cybercrime. As a result, cybersecurity and privacy is an ever-growing concern within the healthcare sector.

Endpoint Security

Mindray starts by reducing the network attack surface by segmenting the network, eliminating unnecessary pathways, and restricting access to communications on the network. Finally, locking down and securing these medical devices is the definitive and core component of Mindray Endpoint Security.

Patient Privacy

The BeneVision Distributed Monitoring System (DMS) utilizes user access controls and customized screen configurations to support patient confidentiality. Data displayed on the screen or in reports is configurable to limit patient information. Patient data is securely encrypted on the DMS Servers and in transit. Logs obtained for troubleshooting are extracted without PII or encrypted to protect patient information. Lastly, Mindray integrates with the hospital’s Active Directory to centrally manage user accounts, rights, and permissions to comply with secure password policies. When deployed simultaneously, these various strategies prove effective in supporting patient privacy.

User Access Control is vital in protecting remote access of data from hospital PCs and mobile devices. Mindray Clinician Authentication Service utilizes User Accounts defined within the facility Active Directory offering a custom medical device role definition with over 22 Rights to select from and are assigned by facility and department.

Security by Design Throughout the Network

This type of security focuses on elements that are inherent in the device or system with the explicit purpose of maintaining security. It all starts during product development, where security risk management, security design practices, and security code analysis are performed. Rigorous testing such as Fuzz testing repeatedly bombards a computer application with erroneous random data to look for system crashes and memory leaks. Data obtained from this type of testing can identify any system instability in very challenging circumstances so that these instabilities can be addressed in the design phases before product release. Like Fuzz testing, Penetration testing is another automated technique that simulates a cybersecurity attack to identify both vulnerabilities and strengths within a software application or system. Security by design continues well beyond product release; Mindray continuously evaluates patches and security updates to ensure product security over time.


Mindray’s multifaceted cybersecurity strategies can best be described as Defense-in-Depth. There is no single solution for cybersecurity, but rather a series of measures working together in unison to have a net positive effect. All of the strategies described here are methods that complement existing institutional efforts to reduce the incidence of cybercrime.

Exceptional Service & Support

Purchase from Mindray includes comprehensive clinical training by Mindray’s specialists. Additionally, technical remote support is available 24 hours a day, 7 days a week, at no charge.

Our dedicated field service team and in-house technical support organization represent one of the largest direct service teams in the industry. Individually and collectively they are committed to enhancing patient care while protecting your investment.