
Safeguarding Health by Implementing Security by Design
The growth of digital innovation and its application in healthcare has completely transformed the industry. While it has brought multiple efficiency improvements, it also presents several new threat scenarios. As medical devices rely on components, networks and software technology, enhancing cybersecurity for medical devices is critical to protect patients' personal information and to provide secure patient care.
With DEKRA’s testing and certification services, medical device manufacturers can navigate their way through a complex landscape of medical cybersecurity standards and baseline requirements before entering international markets.
DEKRA Medical Cybersecurity Services
DEKRA offers a comprehensive portfolio of medical cybersecurity services that help manufacturers worldwide comply with international healthcare requirements and standards.
To give organizations an understanding of cybersecurity for medical devices, we offer global medical cybersecurity training sessions that raise awareness and comprehension of how to implement the international standards and requirements established in regulatory frameworks such as:
- IEC 81001-5-1
- IEC 60601-4-5
- EU Requirements
- FDA Requirements
- ANSI/UL 2900-2-1
To assess the security of your medical devices against international standards, we recommend first identifying possible cybersecurity non-conformances. This process involves testing in accordance with harmonized standards and international requirements to verify compliance with international regulations.
- IEC TR 60601-4-5 - it stipulates the requirements to be considered, from both a hardware and a software approach, for connected medical devices, enhancing their security levels.
- IEC 81001-5-1 - it defines all the security requirements that must be incorporated in health software to mitigate any possible vulnerability along the product lifecycle.
- Penetration Testing - to identify vulnerabilities, we simulate a real cyber-attack against medical devices. The MDCG 2019-16 guidance on cybersecurity for medical devices recommends running verification and validation testing to safeguard cybersecurity for medical devices in the European market. In the case of the USA/FDA, manufacturers must carry out penetration testing to demonstrate conformance with the regulation.
- IEC 62443-4-1 - this standard addresses the requirements for the development of secure medical devices and their cyber-secure lifecycle. Complying with this standard enables the assessment of medical device security, monitoring their level of compliance with the established standards.
- IEC 62443-4-2 - this standard specifies detailed technical requirements for control system components of the medical device, including the security levels for control system capabilities and associated components.

Empowering Healthcare with Secure Medical Devices by DEKRA
By choosing DEKRA, you benefit from proven expertise, extensive experience, exceptional customer service, and a strong commitment to medical cybersecurity. We provide Notified Body CE certification services that allow manufacturers to bring medical devices into the European market while meeting stringent regulatory standards.

Medical Device Regulation (MDR)
Manufacturers of medical devices must comply with this European regulation to prove that the continuously evolving and innovative devices remain secure and reliable.

In Vitro-Diagnostic Regulation (IVDR)
Through this regulation, manufacturers demonstrate compliance with analytical and clinical performance requirements while reinforcing their responsibility for safety.
