Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

White Paper (Draft)

[Project Description] Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector

Date Published: November 14, 2017
Comments Due: December 14, 2017 (public comment period is CLOSED)
Email Questions to:


Jennifer Cawthra (NIST), Kevin Littlefield (MITRE), Sue Wang (MITRE), Kangmin Zheng (MITRE)



access control; auditing; authentication; authorization; DICOM; encryption; life cycle management; multifactor authentication; PACS; physical security; Picture Archiving and Communication System; PAM; Privileged Account Management; provisioning management; user analytics; Vendor Neutral Archive; VNA
Control Families

Access Control; Audit and Accountability; Identification and Authentication; Risk Assessment; System and Communications Protection; System and Information Integrity