MediWales are holding a MedTech Regulatory and Cybersecurity Workshop on the 20th November at the Maltings, Cardiff.
This workshop offers practical guidance on navigating privacy and security requirements, focusing on both organisational strategies and product-specific compliance needs.
Draft programme:
9:00 – 9:30am: Registration and refreshments
Privacy & Security Standards and Compliance requirements for Medical Devices – Radharamanan Hariharan, MQMS
Secure software development in Medical Devices – David Hawkins, Sotas
Group Exercise – Implementing Risk Management and a C, I & A approach
Break
Group Activity Discussion on Risk Management
Through-Life Product Security: Experience from other sectors – Sarah Harford and Graham Jefferies, Frazer-Nash Consultancy
Planning and Strategy: Project Planning for Internationalisation – Prof. Laurie Rowe, Red Medtech
Post release and post market surveillance for cybersecurity – David Hawkins, Sotas
Panel: next steps and conclusion
Lunch
Note: 1-2-1 sessions to address firm- or product-specific queries can be arranged after lunch.
Protecting sensitive patient data is crucial in today’s healthcare landscape, especially given the rising threat of cybersecurity incidents like ransomware attacks. Compliance with established standards such as ISO 27001 and regulatory guidelines from bodies like the UK MHRA and US FDA has become increasingly important. This need is heightened by the integration of AI in medical devices, which is guided by standards like ISO 42001 to ensure security and safety.
In addition to internal cybersecurity measures, organizations must also assess their supply chain security, as supply chain attacks are becoming more prevalent across all sectors, including healthcare. By implementing attack surface management, organizations can identify and assess public-facing vulnerabilities in a non-invasive manner, providing valuable insights for compliance audits and high-level risk assessments.
It is essential for anyone handling protected health information to have a solid understanding of relevant privacy and security regulations. Non-compliance can result in significant financial and reputational damage, making comprehensive training vital for embedding a culture of privacy and security throughout the organization.
Ultimately, regulations aim to empower patients by granting them greater control over their health information, including rights to access and correct it. Ensuring compliance involves the implementation of robust physical, network, and administrative security measures. By fostering a culture of awareness and diligence around data protection, healthcare organizations can not only meet regulatory requirements but also build trust with patients and stakeholders, enhancing their overall reputation in the industry.
If you are interested in learning more about the privacy and security regulations that are essential in this day and age, register for our MedTech Regulatory and Cybersecurity Workshop.
This event is free for MediWales members to attend. Non-members will be charged £150 + VAT per delegate.