Point-of-care testing (POCT) and IT security concepts

Point-of-care testing (POCT) has been an essential service in hospitals for many years with a main focus on reliability, classical laboratory quality criteria and easy handling. Hospital information technology (IT) security regulations, however, have not yet been adapted to the specificities of POCT. Following the POCT Symposium in Munich, the “1st Round Table POCT-IT-Security Meeting” held in October 2019 in Cologne addressed these issues and managed to establish first consensus results in the essential fields of user, data and update management, as well as network connections and user-friendliness. First practical steps include optimizing the user management by connection to a directory service and definition of access control (including emergency authorization). Patient data economy on analyzers in combination with data and data transmission encryption as well as technically secure communication protocols are relevant steps in the fields of data management and network connections. An update management needs to be contractually defined for remote services and generally includes testing in a protocol-based scenario. Providing an organizational structure for POCT-IT security is a necessary prerequisite, as are continuous training and awareness for this topic with a strong focus on usability.