On Medical Device Cybersecurity Compliance in EU

Tuomas Granlund, Juha Vedenpää, Vlad Stirbu, Tommi Mikkonen

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Abstract

The medical device products at the European Union market must be safe and effective. To ensure this, medical device manufacturers must comply to the new regulatory requirements brought by the Medical Device Regulation (MDR) and the In Vitro Diagnostic Medical Device Regulation (IVDR). In general, the new regulations increase regulatory requirements and oversight, especially for medical software, and this is also true for requirements related to cybersecurity, which are now explicitly addressed in the legislation. The significant legislation changes currently underway, combined with increased cybersecurity requirements, create unique challenges for manufacturers to comply with the regulatory framework. In this paper, we review the new cybersecurity requirements in the light of currently available guidance documents, and pinpoint four core concepts around which cybersecurity compliance can be built. We argue that these core concepts form a foundations for cybersecurity compliance in the European Union regulatory framework.

Original languageEnglish
Title of host publicationProceedings - 2021 IEEE/ACM 3rd International Workshop on Software Engineering for Healthcare, SEH 2021
PublisherIEEE
Pages20-23
Number of pages4
ISBN (Electronic)9781665444583
DOIs
Publication statusPublished - 2021
Publication typeA4 Article in conference proceedings
EventIEEE/ACM International Workshop on Software Engineering for Healthcare -
Duration: 3 Jun 2021 → …

Publication series

NameProceedings - 2021 IEEE/ACM 3rd International Workshop on Software Engineering for Healthcare, SEH 2021

Conference

ConferenceIEEE/ACM International Workshop on Software Engineering for Healthcare
Period3/06/21 → …

Keywords

  • cybersecurity
  • Medical device
  • regulatory compliance
  • regulatory requirements

Publication forum classification

  • Publication forum level 1

ASJC Scopus subject areas

  • Information Systems
  • Software
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Health Informatics
  • Health(social science)

Fingerprint

Dive into the research topics of 'On Medical Device Cybersecurity Compliance in EU'. Together they form a unique fingerprint.

Cite this