Cybersecurity of medical devices – requirements of the Notified Body



Managing the challenges and risk relating to cybersecurity

The digitisation of the medical sector brings with it countless opportunities to improve the care available to patients and the data available to their practitioners. At the same time, there are risks inherent in digitisation that need to be addressed, especially in the case of connected medical devices.

Despite these devices’ strict requirements for protection of data confidentiality, integrity and availability, there are still no harmonised standards for the cybersecurity of medical devices.

Key topics covered:

  • Regulatory and legal background
  • Expectations of a notified body regarding cybersecurity during audits and technical documentation assessments
  • Overview of currently available standards and guidance documents for cybersecurity
  • Cybersecurity testing possibilities


Dr. Andreas Purde

Global Director Functional Safety, Software and Digitization Medical Devices, TÜV SÜD

Following the completion of his PhD in electrical engineering and a spell in the semiconductor industry, Andreas joined TÜV SÜD 13 years ago as an auditor and specialist in functional safety. Today, he is responsible for global functional safety and digitisation of medical devices.D as clinical reviewer at the Clinical Centre of Excellence.

Related Services: Medical Device Regulation (MDR) | EU In Vitro Diagnostic Medical Device Regulation (IVDR) | Medical Device Single Audit Program (MDSAP) 

Next Steps

Site Selector