How to effectively protect your systems with cybersecurity

With the continuous development of digital health applications (DiGA) and the increasing networking of medical devices, the demand for data security is growing: cybersecurity is dedicated to the protection of information and communication technology.

What manufacturers of medical devices should look out for

Patient protection is the top priority. It is essential to protect their health and data from damage caused by cyber attacks. This is already of great significance for reasons of medical confidentiality.

The EU Medical Device Regulation (MDR) and technical guidelines issued by the German Federal Office for Information Security (BSI) also regulate the implementation of cybersecurity in medical devices. International regulations that you should also keep an eye on are the MDCG 2019-16 and the FDA guidance on cybersecurity for medical devices.

Step by step towards cybersecurity for medical devices

Based on national and international standards, you should ensure the cybersecurity of your medical devices with a well thought-out concept. Here is how you can proceed with this:

  • Consider the quality system and the content of applications – before placing on the market. Document everything.

  • Implement cybersecurity in the quality management system (QMS) and in processes.

  • Conduct cyber security risk management.

  • Ensure cybersecurity within the software and system architecture.

  • Create your own cyber security concept (if you wish).

  • Implement the concept incl. E2EE, etc.

  • Test your implementation with penetration tests.

  • After market launch: Continue to search for weaknesses and breaches in the monitoring and control measures.

  • Repeat the points above if necessary

Take your medical device to a new level – with cybersecurity

We are happy to help you ensure cyber security and check your products and documents before submission or market launch. This is the only way you can be sure that your medical devices are safe.

This allows you to react quickly to global and fast-moving threats. We support you in all aspects of cybersecurity for your networked medical devices, mobile medical apps and DiGA by designing and integrating protection systems. We help you to comply with European and international regulations for the protection of patients.