CYBERSECURITY FOR MEDICAL DEVICES
MD Project event
9 December 2014
Erik Vollebregt 
www.axonadvocaten.nl
Agenda: 
1. Introduction 
2. FDA approach to cybersecurity measures 
3. Current EU Medical Devices law 
4. Future EU Medical Devices law 
5. General EU security regulations and standards
Setting the scene
• Homeland pacemaker hack;
• FDA Guidelines on Premarket Submissions for Management of Cybersecurity in Medical Devices;
• Proposals for MDR and IVDR;
• EU Directive 95/46/EC on personal data protection;
• EU Commission's Green Paper on mHealth;
FDA approach to cybersecurity measures
Based on US National Institute of Standards and Technology (NIST) cybersecurity framework:
• identification of assets, threats and vulnerabilities;
• assessment of the impact of threats and vulnerabilities on device functionality and end users / patients;
• assessment of the likelihood of a threat and of a vulnerability being exploited;
• determination of risk levels and suitable mitigation strategies;
• assessment of residual risk and risk acceptance criteria;
Are we doing anything in the EU? 
Biggest EVAH! About public utilities 
and communications infrastructure 
What are the medical 
devices companies and 
healthcare institutions 
doing?
EN 62304 § 5.2.2 Software requirements content re security
Typical cybersecurity points, but only with respect to standalone software
Future EU Medical Devices law
• nothing specifically new in the field of cybersecurity;
• MDR Proposal, Annex I, point 14 does not address cybersecurity specifically:
• point 14.2 repeats point 12.1a of the MDD, which will remain linked to EN 62304 so future cybersecurity – for the moment – is more of the same
• Any cybersecurity measure will need to come from a harmonised standard
Future EU Medical Devices law
• Delegated acts or common technical specifications are a good way to amend the general safety and performance requirements with cybersecurity requirements, as foreseen by the new regulations.
• However, this option for delegated acts is proposed to be removed in the EU Parliament's 1st reading of 2 April 2014.
General EU security regulations and standards
• IEC 80001 – Application of risk management for IT-networks incorporating medical devices
• Plays an important role in the first version (2009) of the Swedish competent authority Läkemedelsverket's guidance “Proposal for guidelines regarding classification of software based information systems used in health care”.
• This is not a harmonised standard under the medical devices directives, because it is directed at clinical institutions and not at medical device manufacturers.
Draft NIS Directive
Article 14 provides for market operator
• security requirements and
• incident notification duty
ERGO: all (medical) devices that run software, that interconnect and process / transmit data
NIS Directive 
Duty to implement 
measures 
Notification duty 
Public disclosure 
of incidents 
Delegated acts
General EU security regulations and standards: data protection
• Protection against e.g. alteration and unauthorized access has everything to do with cybersecurity, as these impact directly on safety and performance of the device.
• Non-harmonization of the Data Protection Directive is a big problem because it leads to the situation of member states taking different views on security terms requirements.
• Dutch NCA refers to the ISO 27000 family as an informal harmonised standard
• Dutch sauce: ISO 27002 mandatory standard in Dutch healthcare market (NEN 7510)
Personal data currently in the EU
• Everybody agrees the current EU system is
  • Fragmented
  • Outdated
  • Unclear
• But, it’s still a good system that has produced a lot of good practices, among others Article 29 WP opinions on security related subjects, e.g. WP 223 on IoT:
General EU security regulations and standards
• Currently authorities mainly approach cybersecurity issues via the Data Protection Directive, which features a security regime in Article 17(1):
Privacy by design obligations for medical devices
• WP 223: Controller has responsibility for security of IoT devices
• Parties purchasing OEM devices and solutions will want privacy by design compliance warranties
Privacy by design obligations for 
medical devices 
WP 223 on end of life devices and remote monitoring / measuring devices
Data protection: security case study
Developments?
• Unfortunately, we have not yet had a European version of the Homeland pacemaker hack that gets politicians moving – attention is on manageable safety issues in well understood implantables
• EU Commission seems reluctant to update anything substantive in the medical devices guidance while medical device regulations are still in the works.
• DG Enterprise might be able to make a difference in cybersecurity for medical devices.
Background
THANKS FOR YOUR ATTENTION 
Erik Vollebregt 
Axon Lawyers 
Piet Heinkade 183 
1019 HC Amsterdam 
T +31 88 650 6500 
F +31 88 650 6555 
M +31 6 47 180 683 
E erik.vollebregt@axonlawyers.com 
@meddevlegal 
B http://medicaldeviceslegal.com 
READ MY BLOG: 
http://medicaldeviceslegal.com 
www.axonlawyers.com

Ā 
Call Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore Escorts
Call Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore EscortsCall Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore Escorts
Call Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore Escortsvidya singh
Ā 
Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...
Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...
Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...Miss joya
Ā 
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...Garima Khatri
Ā 
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.MiadAlsulami
Ā 
Bangalore Call Girl Whatsapp Number 100% Complete Your Sexual Needs
Bangalore Call Girl Whatsapp Number 100% Complete Your Sexual NeedsBangalore Call Girl Whatsapp Number 100% Complete Your Sexual Needs
Bangalore Call Girl Whatsapp Number 100% Complete Your Sexual NeedsGfnyt
Ā 
šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...
šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...
šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...Taniya Sharma
Ā 
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...Miss joya
Ā 
VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...jageshsingh5554
Ā 
Call Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls JaipurCall Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls Jaipurparulsinha
Ā 

Recently uploaded (20)

Call Girls Service Navi Mumbai Samaira 8617697112 Independent Escort Service ...
Call Girls Service Navi Mumbai Samaira 8617697112 Independent Escort Service ...Call Girls Service Navi Mumbai Samaira 8617697112 Independent Escort Service ...
Call Girls Service Navi Mumbai Samaira 8617697112 Independent Escort Service ...
Ā 
Lucknow Call girls - 8800925952 - 24x7 service with hotel room
Lucknow Call girls - 8800925952 - 24x7 service with hotel roomLucknow Call girls - 8800925952 - 24x7 service with hotel room
Lucknow Call girls - 8800925952 - 24x7 service with hotel room
Ā 
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Russian Call Girls in Pune Riya 9907093804 Short 1500 Night 6000 Best call gi...
Ā 
Bangalore Call Girls Majestic šŸ“ž 9907093804 High Profile Service 100% Safe
Bangalore Call Girls Majestic šŸ“ž 9907093804 High Profile Service 100% SafeBangalore Call Girls Majestic šŸ“ž 9907093804 High Profile Service 100% Safe
Bangalore Call Girls Majestic šŸ“ž 9907093804 High Profile Service 100% Safe
Ā 
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
Ā 
Call Girl Number in Vashi MumbaišŸ“² 9833363713 šŸ’ž Full Night Enjoy
Call Girl Number in Vashi MumbaišŸ“² 9833363713 šŸ’ž Full Night EnjoyCall Girl Number in Vashi MumbaišŸ“² 9833363713 šŸ’ž Full Night Enjoy
Call Girl Number in Vashi MumbaišŸ“² 9833363713 šŸ’ž Full Night Enjoy
Ā 
Call Girls Darjeeling Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Darjeeling Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Darjeeling Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Darjeeling Just Call 9907093804 Top Class Call Girl Service Available
Ā 
ā™›VVIP Hyderabad Call Girls ChintalkuntašŸ–•7001035870šŸ–•Riya Kappor Top Call Girl ...
ā™›VVIP Hyderabad Call Girls ChintalkuntašŸ–•7001035870šŸ–•Riya Kappor Top Call Girl ...ā™›VVIP Hyderabad Call Girls ChintalkuntašŸ–•7001035870šŸ–•Riya Kappor Top Call Girl ...
ā™›VVIP Hyderabad Call Girls ChintalkuntašŸ–•7001035870šŸ–•Riya Kappor Top Call Girl ...
Ā 
Call Girls Colaba Mumbai ā¤ļø 9920874524 šŸ‘ˆ Cash on Delivery
Call Girls Colaba Mumbai ā¤ļø 9920874524 šŸ‘ˆ Cash on DeliveryCall Girls Colaba Mumbai ā¤ļø 9920874524 šŸ‘ˆ Cash on Delivery
Call Girls Colaba Mumbai ā¤ļø 9920874524 šŸ‘ˆ Cash on Delivery
Ā 
Low Rate Call Girls Patna Anika 8250192130 Independent Escort Service Patna
Low Rate Call Girls Patna Anika 8250192130 Independent Escort Service PatnaLow Rate Call Girls Patna Anika 8250192130 Independent Escort Service Patna
Low Rate Call Girls Patna Anika 8250192130 Independent Escort Service Patna
Ā 
Bangalore Call Girls Nelamangala Number 7001035870 Meetin With Bangalore Esc...
Bangalore Call Girls Nelamangala Number 7001035870  Meetin With Bangalore Esc...Bangalore Call Girls Nelamangala Number 7001035870  Meetin With Bangalore Esc...
Bangalore Call Girls Nelamangala Number 7001035870 Meetin With Bangalore Esc...
Ā 
Call Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore Escorts
Call Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore EscortsCall Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore Escorts
Call Girls Horamavu WhatsApp Number 7001035870 Meeting With Bangalore Escorts
Ā 
Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...
Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...
Call Girls Service Pune Vaishnavi 9907093804 Short 1500 Night 6000 Best call ...
Ā 
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
VIP Mumbai Call Girls Hiranandani Gardens Just Call 9920874524 with A/C Room ...
Ā 
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Artifacts in Nuclear Medicine with Identifying and resolving artifacts.
Ā 
Bangalore Call Girl Whatsapp Number 100% Complete Your Sexual Needs
Bangalore Call Girl Whatsapp Number 100% Complete Your Sexual NeedsBangalore Call Girl Whatsapp Number 100% Complete Your Sexual Needs
Bangalore Call Girl Whatsapp Number 100% Complete Your Sexual Needs
Ā 
šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...
šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...
šŸ’ŽVVIP Kolkata Call Girls ParganasšŸ©±7001035870šŸ©±Independent Girl ( Ac Rooms Avai...
Ā 
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Low Rate Call Girls Pune Esha 9907093804 Short 1500 Night 6000 Best call girl...
Ā 
VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony šŸ“³ 7877925207 For 18+ VIP Call Girl At Th...
Ā 
Call Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls JaipurCall Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls Jaipur
Call Girls Service Jaipur Grishma WhatsApp ā¤8445551418 VIP Call Girls Jaipur
Ā 

Cybersecurity for medical devices in the EU

  • 1. CYBERSECURITY FOR MEDICAL DEVICES MD Project event 9 December 2014 Erik Vollebregt www.axonadvocaten.nl
  • 2. Agenda: 1. Introduction 2. FDA approach to cybersecurity measures 3. Current EU Medical Devices law 4. Future EU Medical Devices law 5. General EU security regulations and standards
  • 3. Setting the scene • Homeland pacemaker hack; • FDA Guidelines on Premarket Submissions for Management of Cybersecurity in Medical Devices; • Proposals for MDR and IVDR; • EU Directive 95/46/EC on personal data protection; • EU Commission's Green Paper on mHealth;
  • 4. FDA approach to cybersecurity measures Based on US National Institute of Standards and Technology (NIST) cybersecurity framework: • identification of assets, threats and vulnerabilities; • assessment of the impact of threats and vulnerabilities on device functionality and end users / patients; • assessment of the likelihood of a threat and of a vulnerability being exploited; • determination of risk levels and suitable mitigation strategies; • assessment of residual risk and risk acceptance criteria;
  • 5. Are we doing anything in the EU? Biggest EVAH! About public utilities and communications infrastructure What are the medical devices companies and healthcare institutions doing?
  • 6. EN 62304 § 5.2.2 Software requirements content re security Typical cybersecurity points, but only with respect to standalone software
  • 7. Future EU Medical Devices law • nothing specifically new in the field of cybersecurity; • MDR Proposal, Annex I, point 14 does not address cybersecurity specifically: • point 14.2 repeats point 12.1a of the MDD, which will remain linked to EN 62304 so future cybersecurity – for the moment – is more of the same • Any cybersecurity measure will need to come from a harmonised standard
  • 8. Future EU Medical Devices law • Delegated acts or common technical specifications are a good way to amend the general safety and performance requirements with cyber security requirements, as foreseen by the new regulations. • However, this option for delegated acts is proposed to be removed in the EU Parliament's 1st reading of 2 April 2014.
  • 9. General EU security regulations and standards • IEC 80001 – Application of risk management for IT-networks incorporating medical devices • Plays important role in Swedish competent authority Läkemedelsverket in 2009 in the first version of their guidance “Proposal for guidelines regarding classification of software based information systems used in health care”. • This is not a harmonised standard under the medical devices directives, because it is directed at clinical institutions and not to medical device manufacturers.
  • 10. Draft NIS Directive Article 14 provides for market operator • security requirements and • incident notification duty ERGO: all (medical) devices that run software, that interconnect and process / transmit data
  • 11. NIS Directive Duty to implement measures Notification duty Public disclosure of incidents Delegated acts
  • 12. General EU security regulations and standards: data protection • Protection against e.g. alteration and unauthorized access has everything to do with cybersecurity, as these impact directly on safety and performance of the device. • Non-harmonization of the Data Protection Directive is a big problem because it leads to the situation of member states taking different views on security terms requirements. • Dutch NCA refers to ISO 27000 family as informal harmonised standard • Dutch sauce: ISO 27002 mandatory standard in Dutch healthcare market (NEN 7510)
  • 13. Personal data currently in the EU • Everybody agrees the current EU system is • Fragmented • Outdated • Unclear • But, it's still a good system that has produced a lot of good practices, among others Article 29 WP opinions on security related subjects, e.g. WP 223 on IoT:
  • 14. General EU security regulations and standards • Currently authorities mainly approach cybersecurity issues via Data Protection Directive, which features a security regime in Article 17(1):
  • 15. Privacy by design obligations for medical devices • WP 223: Controller has responsibility for security of IoT devices • Parties purchasing OEM devices and solutions will want privacy by design compliance warranties
  • 16. Privacy by design obligations for medical devices WP 223 on end of life devices and remote monitoring / measuring devices
  • 17. Data protection: security case study CASE STUDY
  • 18. Developments? • Unfortunately, we have not yet had a European version of the Homeland pacemaker hack that gets politicians moving – attention is on manageable safety issues in well understood implantables • EU Commission seems reluctant to update anything substantive in the medical devices guidance while medical device regulations are still in the works. • DG Enterprise might be able to make a difference in cybersecurity for medical devices.
  • 20. THANKS FOR YOUR ATTENTION Erik Vollebregt Axon Lawyers Piet Heinkade 183 1019 HC Amsterdam T +31 88 650 6500 F +31 88 650 6555 M +31 6 47 180 683 E erik.vollebregt@axonlawyers.com @meddevlegal B http://medicaldeviceslegal.com READ MY BLOG: http://medicaldeviceslegal.com www.axonlawyers.com