EU notified bodies on harmonised standards regarding cybersecurity

There is a lack of cybersecurity expertise when it comes to support during conformity assessments for medical devices, so TEAM-NB has issued a position paper, ‘Cyber Security’, to assist notified bodies in their assessments.

One of TEAM-NB’s recommendations is to make sure that relevant standards, such as IEC 81001-5-1, a standard associated with health software, are implemented in a harmonised way.

The aim of the position paper is to make conformity assessments of medical device cybersecurity in the context of Regulations (EU) 2017/745 and 2017/746 on medical devices and in vitro diagnostic medical devices (MDR and IVDR) as effective as possible while maintaining quality. 

Another standard, IEC TR 60601-4-5, can also be used to record the security stipulations of medical devices in support of type testing of security properties. It offers comprehensive technical specifications for the security elements required for medical devices used within medical IT networks, but can also be used by manufacturers of medical device software.

Manufacturers should adopt a secure development life cycle from the initial to the concluding stages of development. Standards such as IEC 81001-5-1 offer vital information on how to do this.

Source: Medtech Insight (an Informa product)
