Information Security & Privacy (ISP)

The objective of Information Security & Privacy (ISP) in Agfa HealthCare is to protect and preserve the confidentiality, integrity and availability of Protected Health information in its organization and products.

Our policy statement pdf  on Information Security & Privacy states:

"Agfa HealthCare is committed to support care providers in protecting the privacy of their patients by delivering secure products and services.

We strive:

· to make Information Security & Privacy an integral part of the quality of our products and services and of our organization and operations;

· to protect privacy, especially patient data;

· to comply with various privacy and security regulations which are applicable to our organization and customers;

· to secure information as critical asset of our business."

In order to fulfill its Information Security & Privacy mission, Agfa HealthCare has adopted an Information Security Management System (ISMS). This ISMS has been ISO 27001 certified pdf  since 2010 and its scope is gradually extending to cover all products, solutions and geographical locations.

Agfa HealthCare also provides information about security controls implemented in its healthcare products and solutions through the publication of Manufacturer Discloser Statements (MDS2).

Agfa HealthCare too is committed to inform its Customer base when Information Security & Privacy incidents or vulnerabilities are detected. For the latest news, please check our ISP Incidents & Vulnerabilities paragraph.

ISP Incidents & Vulnerabilities

This page informs you about Information Security & Privacy incidents and/or vulnerabilities that might impact our Customer base. Please check this page on a regular interval.

Known incidents & vulnerabilities:

· Heartbleed bug
MDS2

Manufacturer Disclosure Statement for Medical Device Security


The MDS2 form provides information about the security controls, which are implemented in a medical device in order to protect the PROTECTED HEALTH INFORMATION (PHI) transmitted or stored by the medical device. Healthcare providers may use the MDS2 form during the risk analysis of their organization.

MDS2 is a joint effort of Healthcare Information and Management Systems Society (HIMSS) and The Association of Electrical and Medical Imaging Equipment Manufacturers (NEMA). More information about MDS2 can be found here.

To view or print PDF douments, you must have the Adobe Acrobat® Reader®. The Reader is free and available from Adobe's web site.

The MDS2 forms of Agfa HealthCare products are available here :

IMPAX :
IMPAX 5.2 MDS2 pdf (233 KB)
IMPAX 6.4 MDS2 pdf (220 KB)
IMPAX 6.5 MDS2 pdf (378 KB)

IMPAX Agility pdf (355 KB)

NX CR/DR Modality Workstation :
NX MDS2 pdf (255 KB)