Cybersecurity Act revision: MedTech Europe’s response to the public consultation

MedTech Europe welcomes the opportunity to provide feedback on the proposed revision of the Cybersecurity Act, an important initiative to strengthen the EU’s cybersecurity resilience while supporting a well-functioning Digital Single Market. Representing the medical technology sector, our members develop connected medical devices, diagnostic software, and AI-enabled solutions within a robust regulatory framework that prioritises patient safety, quality, and trust.

Digital health technologies are transforming healthcare delivery by enabling more connected, efficient, and data‑driven care pathways. However, as healthcare systems and providers become increasingly digitalised and interconnected, they are also exposed to a growing and evolving landscape of cybersecurity threats. Cyber incidents affecting medical technologies or healthcare infrastructures can have direct consequences for the continuity of care, patient safety, and public trust, in addition to financial and operational impacts.

In this context, revising the Cybersecurity Act is not only a matter of regulatory compliance. A coherent, proportionate, and well‑aligned EU cybersecurity framework plays a fundamental role in ensuring the secure development, deployment, and use of digital medical technologies, supporting the safe and reliable delivery of healthcare services across the EU.

MedTech Europe supports the overarching objective of strengthening the EU’s cybersecurity resilience and highlights the need for practical, well-aligned measures that deliver clarity, avoid fragmentation, and remain workable for highly regulated sectors such as healthcare.

Read our full response below.