MEDIcept Insights
Cybersecurity Risk Control
With a freshly completed threat model in hand, you turn to your next task: create the corresponding cybersecurity risk assessment. You identified some threat mitigations while constructing your threat model, perhaps making some design decisions intended to limit your...
Threat Modeling for Medical Devices
You’ve just realized that your medical device has a connection to the outside world and meets the definition of a cyber device per FDA guidance “Select Updates for the Premarket Cybersecurity Guidance: Section 524B of the FD&C Act.” As the initial shock wears...
Securing Your Medical Device Software Development Life Cycle
Medical device manufacturers must increasingly devote resources to identifying and managing cybersecurity risks and features of their devices. Devices that once might have been considered to have no network connectivity have been brought into regulatory focus as...
The Seven Success Factors in Building a Robust Compliance Program Infrastructure
Introduction Establishing a robust compliance program is essential for any organization, particularly within the healthcare sector, where adherence to federal laws and regulations is critical. The Office of Inspector General (OIG) of the Department of Health and...
Engaging a Penetration Testing Team
Introduction Secure design best practices (and various standards and guidance) recommend penetration testing (pentesting) be included in the secure development life cycle and conducted by a team independent of the product developers and testers. Testing should begin...
Breaking Sterilization Barriers – EPA's Bold Move Towards Safer Medical Device Regulation
The U.S. Environmental Protection Agency (EPA) has issued a final rule aimed at limiting emissions of ethylene oxide (EtO), a carcinogenic chemical extensively used in the sterilization of medical devices, with a focus on enhancing medical device regulation. This new...