MEDIcept Insights
Cybersecurity Post-Market Surveillance
Postmarket surveillance is a crucial aspect of medical device safety and cybersecurity risk management. It is the primary means of gathering information about how your device performs in the real world so you can make improvements that deliver better diagnoses or...
Cybersecurity Risk Control
With a freshly completed threat model in hand, you turn to your next task: create the corresponding cybersecurity risk assessment. You identified some threat mitigations while constructing your threat model, perhaps making some design decisions intended to limit your...
Threat Modeling for Medical Devices
You’ve just realized that your medical device has a connection to the outside world and meets the definition of a cyber device per FDA guidance “Select Updates for the Premarket Cybersecurity Guidance: Section 524B of the FD&C Act.” As the initial shock wears...
Securing Your Medical Device Software Development Life Cycle
Medical device manufacturers must increasingly devote resources to identifying and managing cybersecurity risks and features of their devices. Devices that once might have been considered to have no network connectivity have been brought into regulatory focus as...
The Seven Success Factors in Building a Robust Compliance Program Infrastructure
Introduction Establishing a robust compliance program is essential for any organization, particularly within the healthcare sector, where adherence to federal laws and regulations is critical. The Office of Inspector General (OIG) of the Department of Health and...
Engaging a Penetration Testing Team
Introduction Secure design best practices (and various standards and guidance) recommend penetration testing (pentesting) be included in the secure development life cycle and conducted by a team independent of the product developers and testers. Testing should begin...