EU’s New Cybersecurity Guidelines: Not Perfect, But Key Signposting For All Involved
How do the EU’s new cybersecurity guidelines expand on the MDR and fit into the myriad other software-related guidance documents the medtech industry has to consider?
You may also be interested in...
Medtech companies will avoid the need to comply with yet another EU regulation, it seems, after the European Commission confirmed that proposals to tighten up cybersecurity rules for internet-connected products will not apply to medical devices.
An expert from the European Union Agency for Cybersecurity (ENISA) has told Medtech Insight that although the new EU Medical Device and IVD Regulations will push developers to make more secure products, regulation is not enough to prevent cyberattacks on devices and digital health systems.
Lawyers Vladimir Murovec and Annabelle Bruyndonckx from Simmons & Simmons explain why the European Commission’s recently published software guidance falls short of what the EU medtech industry needs. They describe it as an afterthought and lacking legal review compared to previous MDCG guidelines.