Product security and privacy

Striving to build products that are secure by design, in use and through partnership.

Policy statement

We value the confidentiality, integrity and availability of all protected health and personally identifiable information (e.g., PHI, PII) in accordance with all applicable federal and state privacy and security laws, including the Health Insurance Portability and Accountability Act. BD has implemented administrative, technical and physical safeguards, to reasonably protect against security incidents or privacy breaches involving a BD product. However, as systems evolve, vulnerabilities may be identified, and we consider you a partner in this process. If you have any concerns, we ask that you bring them to our attention, and we will investigate and address the issue if necessary, including through responsible disclosure of such issues if they exist.

BD is committed to providing secure products to our customers given the important benefits they provide to patient health. Across BD, we continuously strive to improve security and privacy through the product lifecycle using the following practices where appropriate:

  • Privacy and security by design
  • Product and supplier risk assessment
  • Vulnerability and patch management
  • Secure coding practices and analysis
  • Vulnerability scanning and third-party testing
  • Access control to customer data
  • Incident response

BD Product Security Framework

BD Product Security Infographic

Reporting issues

If you would like to report a potential product-related privacy or security issue (incident, breach or vulnerability), contact:

Email:

Mail:
Becton, Dickinson and Company
Attn: Product Security and Privacy
1 Becton Drive
Franklin Lakes, New Jersey 07417-1880

White papers

BD is developing product security white papers for our connected devices. The purpose of these documents is to provide details on how BD security and privacy practices have been applied, what our customers should know about maintaining security and how we are partnering with our customers to ensure security throughout the product lifecycle.

Request a BD product security white paper by filling out this form or contacting your sales representative.

Alert bulletins

For product security and privacy alerts, notifications and documentation, see the following:

DateAlert/Bulletin
8/31/2018 Product security bulletin for Microsoft Windows Task Scheduler Vulnerability
8/23/2018 Product security bulletin for various Alaris™ Plus Syringe Pumps sold and in-use outside the United States
8/9/2018 Product security bulletin for Kwampirs
6/7/2018 Product security bulletin for WPA2 "KRACK" Wi-Fi Vulnerability
5/22/2018 Product security bulletin for BD Kiestra™
3/23/2018 Product security bulletin for Meltdown and Spectre Update 2
2/12/2018 Product security bulletin for BD FACSDiva
1/23/2018 Product security bulletin for BD Pyxis™ MedStation™ ES
1/12/2018 Product security bulletin for Meltdown and Spectre Update 1
1/5/2018 Product security bulletin for Meltdown and Spectre
10/11/2017 Product security bulletin for Alaris™ PC unit (PCU) (model 8015) update
6/28/2017 Product security bulletin for Petya ransomware
5/13/2017 Product security bulletin for WannaCry ransomware
3/16/2017 Product security bulletin for BD Kiestra™ TLA, BD Kiestra™ WCA, BD Kiestra™ InoquIA™+
2/6/2017 Product security bulletin for Alaris™ PC unit (PCU) (model 8015)
2/6/2017 Product security bulletin for Alaris™ PC unit (PCU) (model 8000)
11/1/2016 Product security bulletin for Alaris™ System residual data
10/14/2016 Product security bulletin for Pyxis MedStation™ ES patching
03/28/2016 Product security bulletin for Pyxis SupplyStation™ upgrade considerations
11/11/2014 Product security bulletin for POODLE vulnerability
10/03/2014 Product security bulletin for Shellshock vulnerability
04/15/2014 Product security bulletin for Heartbleed vulnerability

Partnership program

At BD, we believe industry collaboration is essential to making our products more secure. That is why we strive for security by design, in use and through partnership with stakeholders. Whether our partners are customers managing the security in their own environments, the security research community helping us better research and evaluate emerging threats, or security vendors identifying practical security solutions, we appreciate the opportunity to collaborate. The following are some of the ways we are collaborating:

If you would like to collaborate with BD on product-related privacy or security issue initiatives, contact: productsecurity@bd.com.


Last revised November 30, 2017