
SaMD Cybersecurity and GDPR

Security = Safety

Under EU MDR, cybersecurity is a General Safety and Performance Requirement. Failure to secure software is a patient safety risk.

Technical Steps:

  • Secure architecture and testing (MDCG 2019-16)
  • Access control, encryption, logging
  • Vulnerability management and patches

GDPR Considerations:

  • Health data = special category
  • Explicit consent and purpose limitation
  • DPIA (Data Protection Impact Assessment) required if high-risk AI is involved

This post is part of the SaMD Europe Launch Guide.

This content has been enhanced by GenAI tools.

By Piotr Wrzosinski

Piotr Wrzosinski is a Pharma and MedTech commercialization and digital marketing expert with 20+ years of experience across pharma (Roche, J&J), consulting (Accenture, IQVIA) and medical devices (BD).
He leads the transformative EMEA Omnichannel Delivery Center team at Becton Dickinson and shares insights on Pharma, MedTech and Digital Health at disrupting.healthcare to speed up digital innovation in healthcare, because patients are waiting for it.
