Company / News

Cyber Security in Medical Devices

Young Man With Code Streaming On His Face

Cybersecurity continues to gain attention as advancements in smart medical devices and platforms are made, and more providers opt for the use of connected medical devices. Beyond the technology itself, what makes the landscape more challenging to navigate is a multitude of guidelines, specifications, and standards set forth by various entities, including government, private, and hybrids of the two regarding cybersecurity practices for medical devices.

In addition to the U.S. regulatory landscape, there are also the international requirements, for example, Health Canada guidance on premarket requirements for medical device cybersecurity (2019), the Australia Therapeutic Goods Administration (TGA) medical device cybersecurity guidance for industry (2019), and the European Medical Devices Regulation (MDR) and In-vitro Diagnostic Medical Devices Regulation (IVDR).

It is important to note that both U.S. and international cyber security-specific requirements are in addition to other regulations dealing with protecting or processing of personal data stored in medical devices. For example, at the E.U. level, in addition to the MDR/IVDR regulations, the NIS Directive (E.U.) 2016/1148 and the General Data Protection Regulation (E.U.) 2016/679 (GDPR), and the E.U. Cybersecurity Act (Regulation (E.U.) 2019/881), are also relevant to medical devices.

The key U.S. federal agencies, the Food and Drug Administration (FDA), Office of the National Coordinator for Health I.T. (ONC), and the Federal Communications Commission (FCC), each have unique responsibilities in the health I.T. arena and are working together on strategies and recommendations for an appropriate, risk-based regulatory framework.

Read the full brief here…
About the Author:

Soody Tronson is the Founding Managing Counsel at STLG, a boutique Silicon Valley technology law firm.

Related News

New Regulations for CE: Changing Landscape...

by Walt Maclay At the 10x Medical Device Conference, which...

Point of Sale (POS) System Delivered...

With intense deadline pressure to demo a new working system...

Wearable Device Design Mistakes

Frequently, we are called in to perform design reviews of...

Newsletter Sign Up
Get Expert Consulting

Voler is really good at identifying risks and finding the best way to do a project on-time, on spec, and easy to manufacture.