Business Brunch - cyber security for medical devices
What do the manufacturers of medical devices need to know about cyber security?
Business Brunch with Miriam Schuh & Dr. Carlo Piltz in Munich on 16 March 2018
E-health, m-health and connected health ceased to be futuristic scenarios a long time ago. Accordingly, manufacturers of medical devices, medical software and health apps must design their products in accordance with the requirements of the new European Medical Devices Regulation (MDR). This also means addressing cyber security throughout the entire life cycle of the products. If a product is not manufactured in a way that ensures it is safe and conforms to the MDR, the manufacturer is exposed to major liability risks.
Furthermore, for medical apps and health apps, data protection regulations become relevant as soon as data relating to the users' state of health are gathered and analysed. From 25 May 2018 the new EU General Data Protection Regulation (DSGVO) will apply throughout Europe. Like the MDR, the DSGVO also entails a large number of new obligations for companies in the health and pharmaceutical industry, and manufacturers of medical apps and health apps absolutely must observe these in order to minimise their liability risks. The obligations relate, among other things, to the principles of privacy by design and by default, and to a level of data security that reflects the current state of the art.