Cybersecurity of Medical Devices: Regulatory Challenges in the EU

The Future of Medical Device Regulation: Innovation and Protection, Cambridge University Press, 2020

11 Pages Posted: 5 Jun 2021

See all articles by Elisabetta Biasin

Elisabetta Biasin

KU Leuven - Centre for IT & IP Law (CiTiP)

Erik Kamenjasevic

KU Leuven - Centre for IT & IP Law (CiTiP)

Date Written: September 30, 2020

Abstract

This book chapter assesses the EU medical devices legal framework in light of the EU cybersecurity policy objectives and the complexity aspects inherently characterizing the healthcare sector. First, it outlines the core cybersecurity-related elements in the EU Medical Devices Regulation (MDR) and offers critical remarks on the Medical Device Coordination Group’s Guidance on medical device cybersecurity. Second, the chapter illustrates other relevant pieces of the EU legislation that become applicable in the context of medical devices’ cybersecurity, namely the NIS Directive, the Cybersecurity Act, the GDPR, the Radio Equipment Directive. Third, the chapter offers critical remarks concerning the possible regulatory challenges stemming from their interaction with the MDR. Here, the analysis finds that regulatory challenges persist due to regulatory specialization, possibly leading to regulatory overlapping, fragmentation risks, regulatory uncertainty and duplication. In its final section, the chapter provides recommendations for EU lawmakers dealing with the cybersecurity of medical devices in the EU.

Keywords: Medical Device, Cybersecurity, Healthcare, MDR, MDCG, Cybersecurity Act, NIS Directive, GDPR, Radio Equipment Directive

Suggested Citation

Biasin, Elisabetta and Kamenjasevic, Erik, Cybersecurity of Medical Devices: Regulatory Challenges in the EU (September 30, 2020). The Future of Medical Device Regulation: Innovation and Protection, Cambridge University Press, 2020, Available at SSRN: https://ssrn.com/abstract=3855491 or http://dx.doi.org/10.2139/ssrn.3855491

Elisabetta Biasin (Contact Author)

KU Leuven - Centre for IT & IP Law (CiTiP) ( email )

Sint-Michielsstraat 6
Leuven, Vlaams-Brabant 3000
Belgium

HOME PAGE: http://https://www.law.kuleuven.be/citip/en/staff-members/staff/00121994

Erik Kamenjasevic

KU Leuven - Centre for IT & IP Law (CiTiP) ( email )

Sint-Michielsstraat 6 box 3443
Leuven, 3000
Belgium

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
416
Abstract Views
1,689
Rank
130,588
PlumX Metrics