Cybersecurity threats are a major concern for connected medical devices and hospital networks.
Advanced services, as well as unprecedented levels of efficiency and effectiveness, are the main drivers behind the healthcare sector’s drive to connect modern medical devices to the internet.
Connected medical devices integrated into hospital networks and cloud solutions offer simplified patient and advanced patient-data-management. Real-time availability of diagnostic data across hospital networks and surgeries, as well as remote monitoring and control features, provide significant added value and cost advantages.
But ubiquitous connectivity simply increases the cyber threat.
Numerous hacks of medical devices, like insulin pumps and pacemakers, demonstrate these risks. Likewise, real-world attacks against hospital networks resulting in downtime and cancellation of appointments and treatments, show just how severe, indeed life-threatening, weak security implementations can be.
Worldwide, regulators have taken action to make resilience against cybersecurity threats a baseline requirement for connected medical devices, systems and networks. Most prominently, the US Food and Drug Administration (FDA) has issued pre-market and post-market guidance documents and is actively pushing manufacturers to provide evidence that requirements are met. In Europe, the new MDR and IVDR become effective in 2021. Similar regulations are available in China and other regions.
We offer a portfolio of tailored cybersecurity services for medical device manufacturers and hospitals, helping them to:
- Comply with regulations and corresponding standards
- Generate evidence and proof that cybersecurity related risks have been considered, evaluated and mitigated for the complete life cycle of devices, systems and networks
We provide training, assessment and certification services, placing special focus on the intertwined relationship of cybersecurity and functional safety.