NephroFlow

Cyrex has been proud to partner with NIPRO Digital to enhance the security of their dialysis software, Nephroflow. This process-driven application streamlines dialysis planning and provides high-quality care for patients. Cyrex has a long-standing relationship with NIPRO Digital, serving as a trusted security advisor.

Challenge

As part of the ISO27k certification for healthcare information security, Cyrex conducted both white box and grey box penetration testing on Nephroflow’s desktop and mobile apps. The focus was on ensuring the highest level of security in authentication and information protection, as the software is used by both medical professionals and patients.

Solution

The Cyrex team tested various functionalities and potential flaws, including patient data privacy, access controls, authentication and authorization, denial-of-service protection, business logic flaws, and intellectual property protection for proprietary algorithms. Critical vulnerabilities were identified and prioritized by NIPRO Digital, and Cyrex provided a comprehensive report with recommended solutions. The vulnerabilities were then patched, and our team will continue to support NIPRO Digital in their security efforts.