COCIR members have long implemented “security by design” principles in the products and services they offer.
COCIR members develop solutions that support the safe and seamless transfer of medical data throughout the entire healthcare cycle.
Several EU legislative frameworks have introduced requirements for the security of connected health technologies:
- the Medical Devices Regulation (MDR)
- the Directive on Security of Network and Information Systems (NIS Directive)
- the General Data Protection Regulation (GDPR)
- the Cybersecurity Act
Additional laws and regulations may apply at the national level.
Therefore security cannot be addressed from an isolated point of view.
Security is also a shared responsibility. It takes organisational measures to ensure security, which can then be supported by product technology.
We need to broaden the discussion to ensure better harmonisation and convergence.
Market surveillance authorities should have the right tools and resources to perform their tasks in order to ensure a level playing field. Clear coordination is needed to make incident reporting more effective.
COCIR remains actively involved in on-going discussions with various regulators to resolve these issues and advocate a holistic approach.
Read our COCIR White Paper “Advancing Cybersecurity of Health and Digital Technologies"