Medical devices and systems in hospitals and medical practices are commonly integrated in IT networks. Many devices need a permanent internet connection for operation and maintenance purposes. Hence, cybersecurity requirements need to be consistently addressed in terms of programming, testing, implementing and after-sales service of software.
Manufacturers can do this–but only in the intended operating environment and when used for the intended purpose. The key elements involved are set out in the following:
1.Cybersecurity is an integral requirement for medical devices
2.Cybersecurity throughout the product life cycle
3.Cybersecurity is a system-wide challenge
4.Information-sharing and knowledge transfer
5.Identifying unavoidable risks