St. Jude Medical completes second interoperability testing process for Merlin.net Patient Care Network

Jan 20 2010

St. Jude Medical, Inc. (NYSE:STJ) today announced it has successfully completed its second interoperability testing process for the company’s Merlin.net™ Patient Care Network, an Internet-based repository of patient and implantable device data. The company also announced today that the Merlin.net PCN is the first medical device network to be awarded ISO 27001 certification, a stringent worldwide information security standard.

“Receiving recognition from these two organizations demonstrates to our medical industry stakeholders the high standards St. Jude Medical has set for both the security and efficiency of our patient care network.”

“Due to recent legislation and the changing health care environment, electronic health records (EHRs) and hospital efficiency are key issues for our customers. As the use of EHRs become central to healthcare delivery and quality, secure data transportability is becoming even more critical and as a result, connectivity is a key priority for our company,” said Eric S. Fain, M.D., president of the St. Jude Medical Cardiac Rhythm Management Division. “Receiving recognition from these two organizations demonstrates to our medical industry stakeholders the high standards St. Jude Medical has set for both the security and efficiency of our patient care network.”

ISO 27001 Certification

BSI Management Systems, an international standards, testing, registration and certification organization, has awarded St. Jude Medical the information security certification ISO/IEC 27001:2005. This ISO certification recognizes that St. Jude Medical’s Merlin.net PCN has established processes and standards that maintain the strictest levels of confidentiality, integrity and availability for its customers. The Merlin.net PCN is the first CRM device data network to be recognized with this certification.

ISO/IEC 27001:2005 is an information security management system (ISMS) standard, published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It has become the gold standard in information security across a broad range of industries, with 96 U.S. companies earning certification. The standard specifies the methodology to enable a business to establish, implement, operate, monitor, review, maintain and improve effective information security.

ISO is the world's largest developer and publisher of international standards. It is a non-governmental network of national standards institutes of 157 countries, on the basis of one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. IEC is a not-for-profit, non-governmental international standards organization, also headquartered in Geneva, Switzerland, that prepares and publishes International Standards for all electrical, electronic and related technologies. It currently has over 130 member countries.

IHE Connectathon

During the week of Jan. 11, St. Jude Medical participated in the IHE (Integrating the Healthcare Enterprise) Connectathon testing of the Implantable Device Cardiac Observation profile. This testing demonstrated the ability for the Merlin.net PCN to connect to third-party EHR systems using defined industry standards. Support for this profile allows physicians and hospitals to seamlessly share data from one system to another, thereby increasing productivity, providing tools for improved clinical decision making and quality of care, and eliminating redundant medical device management systems.

In 2007, St. Jude Medical was the first manufacturer of CRM devices to test a product for conformance with an IHE interconnectivity profile. This year, St Jude Medical became the first Cardiac Rhythm Management vendor to successfully complete Connectathon testing of the Implantable Device Cardiac Observation (IDCO) profile for a second time. In this round of testing, St. Jude Medical connected with EHR vendors including Epic, General Electric, NextGen and Medical Micrographics.

The testing process, established by the IHE, is an initiative promoting the adoption of standards that enable healthcare information to be shared seamlessly across clinical settings. The testing took place during the annual IHE Connectathon in Chicago. The organization’s goal is to drive standards for interoperability, increasing efficiency and reducing cost to healthcare customers, such as those in the cardiology, radiology and laboratory markets.