MedTech Europe supports stronger European cybersecurity measures
Posted on 01.04.2021
Safety and security are critical conditions for patients and citizens to entrust their personal health data to a doctor, provider, or health system, given the potential for abuse or blackmail (last year’s ransomware attack on patients of the Vastaamo psychotherapy centre in Finland caused widespread concern). As a result, cybersecurity is now on European decision-makers’ agenda: barely five years after the 2016 NIS Directive strengthened cybersecurity defences, the NIS 2 Directive has further widened European competences in the protection of critical infrastructures. Medical technology manufacturers can now be considered “essential entities” if their devices are deemed critical during a public health emergency and can face significant fines for violations of cybersecurity rules. Last 18 March, MedTech Europe issued a response to the NIS 2 Directive (driven by the Cybersecurity Working Group and the Digital Health Committee), MedTech Europe welcomed the NIS 2 Directive but called for relevant sectoral guidance to promote further harmonisation and clarity.
For more information please, contact Michael Strübin ([email protected]).