News Digital Health Newsletter

MedTech Europe supports stronger European cybersecurity measures

Posted on 01.04.2021

Safety and security are critical conditions for patients and citizens to entrust their personal health data to a doctor, provider, or health system, given the potential for abuse or blackmail (last year’s ransomware attack on patients of the Vastaamo psychotherapy centre in Finland caused widespread concern). As a result, cybersecurity is now on European decision-makers’ agenda: barely five years after the 2016 NIS Directive strengthened cybersecurity defences, the NIS 2 Directive has further widened European competences in the protection of critical infrastructures. Medical technology manufacturers can now be considered “essential entities” if their devices are deemed critical during a public health emergency and can face significant fines for violations of cybersecurity rules. Last 18 March, MedTech Europe issued a response to the NIS 2 Directive (driven by the Cybersecurity Working Group and the Digital Health Committee), MedTech Europe welcomed the NIS 2 Directive but called for relevant sectoral guidance to promote further harmonisation and clarity.

For more information please, contact Michael Strübin (m.strubin@medtecheurope.org).