< Back to previous page

Publication

Cybersecurity of Medical Devices. Regulatory challenges in the EU

Book Contribution - Chapter

Over the last decade, the number of connected-to-network medical devices significantly grew, which has led to their increased exposure to cyber incidents and attacks. The increasing digitalisation of healthcare service providers has enabled cyber-attack techniques towards them to become more liquid, flexible, and able to exploit all the possible paths of entry rapidly. Medical devices’ cybersecurity is currently a topic of utmost relevance all over the world. In the last years, regulators have provided guidance on medical device cybersecurity, including in the European Union (EU). The EU legal framework on healthcare cybersecurity– including medical devices law – however, is heavily characterised by specialisation, which may exacerbate complexity in medical device cybersecurity regulation. This book chapter assesses the level of maturity of the EU medical devices legal framework, in the light of the EU cybersecurity policy objectives and having regard of complexity aspects inherently characterising the healthcare sector. First, it outlines the core cybersecurity-related elements in EU Medical Devices Regulation (MDR) and offers critical remarks to the Medical Device Coordination Group Guidance on medical device cybersecurity. Secondly, the book chapter illustrates other relevant pieces of EU legislation becoming relevant to medical devices’ cybersecurity (the NIS Directive, the Cybersecurity Act, the GDPR, the Radio Equipment Directive), and it propounds critical remarks concerning the possible regulatory challenges stemming from these. The analysis finds that regulatory challenges persist due to regulatory specialisation, possibly leading to regulatory overlapping, fragmentation risks, regulatory uncertainty and duplication. In its final section, the book chapter provides recommendations for lawmakers and regulators dealing with the cybersecurity of medical devices in the EU.
Book: The Future of Medical Device Regulation: Innovation and Protection
Pages: 51 - 62
ISBN:9781108975452
Publication year:2022
Accessibility:Open