Principles & Practices for the Cybersecurity of Legacy Medical Devices by the International Medical Device Regulators Forum

Medical devices, their hardware, and software are increasingly connected to the Internet, sometimes referred to as the Internet of Medical Things (IoMT) or the Internet of Things (IoT) in healthcare. Healthcare professionals access data from imaging technologies in hospitals to remote patient monitoring and alert systems at home or on the human body. Patients may use medical device software at home to aid with physical rehabilitation. The global IoT in healthcare market is expected to reach USD $169.99 billion by 2030. 
Cybersecurity involves the protection of electronic information and assets from unauthorized access, use, and disclosure. There have been reported cybersecurity issues in the healthcare industry such as malware, ransomware, and data breaches, and regulatory authorities have come up with principles and best practices for managing the cybersecurity of legacy medical devices.

The International Medical Device Regulators Forum (IMDRF) comprises global regulatory authorities as stakeholders, including those in North America, the EU, Asia, Australia, and more, has recommended various principles and best practices including responsibilities for the medical device manufacturer and the healthcare professional for the management of legacy medical devices throughout the device life cycle. This webinar explores cybersecurity, the medical device life cycle, and the responsibilities of the manufacturer and healthcare professional at each phase or stage of the medical device life cycle.

• An introduction to cybersecurity and the various stages or phases of the medical device life cycle
• Responsibilities of the Medical Device Manufacturer throughout the medical device life cycle, including in device design/development, data transfer at device life cycle stages, vulnerabilities, and risk management
• Responsibilities of the Healthcare Professional throughout the medical device life cycle

• Medical device companies – executives, entrepreneurs, engineers, developers, programmers, research & development personnel.
• Software engineers, biomedical engineers, software developers, software programmers, IT personnel in medical device companies and hospitals
• Healthcare technology management personnel in hospitals/healthcare facilities
• Regulatory Affairs Professionals in medical device and AI companies
• Students in regulatory affairs programs

Rachelle D’Souza began her career in regulatory compliance in 2007. She has provided Regulatory Affairs, Quality Assurance, Clinical, Pharmacovigilance and Medical Information support to the Pharmaceutical, Biologic, Generic, Natural Health Product, Dietary Supplement, Medical Device, Cosmetic, Pesticide and Food industries.

Rachelle has developed regulatory strategies, independently prepared regulatory submissions and secured product and site approvals from global regulatory agencies. She has also designed, implemented, and maintained global quality, pharmacovigilance and medical information systems. Rachelle’s regulatory articles and webinars on the latest global

regulatory developments have been published in print and online by regulatory professional associations, webinar hosting platforms and industry magazines.