Seminar "IT Security of Medical Devices"

No seminar date
There is currently no known date for this seminar. Please try again at a later date or contact us.


We would like to explicitly point out that in this seminar we are teaching the regulatory requirements and not the concrete technical implementation of IT Security.

This two-day compact seminar on IT security of medical devices pursues the following learning objectives:

  • Regulatory requirements
    You know the regulatory requirements for IT security and can classify them according to application areas (e.g. EU / FDA / international, industry-specific / non-specific, manufacturer / operator).
  • EU General Data Protection Regulation (EU-DSGVO)
    You can put the requirements of the EU General Data Protection Regulation in the context of the requirements for IT security of the products.
  • Basics and terms
    You know the protection goals of IT security in the context of medical devices and can confidently handle terms, e.g. threat, vulnerability, asset.
  • IT Security-Related System & Software Requirements
    You will receive an overview of the specific IT security requirements (software / system requirements) resulting from the application of the relevant standards and laws.
  • Security Analysis
    You can apply methods (e.g. Threat Modeling, Threat Analysis and Risk Assessment) to systematically analyze and minimize IT security risks.
  • Security Testing
    You know important test methods in IT security, e.g. penetration testing or fuzz tests.
  • Development and Post-Market Processes
    You understand how continuous assurance of IT security can be embedded into the development process and post-market surveillance, and what data sources and roles are available for this.


Day 1

Time      Topic focus
9:00 AM   Welcome, expectations, introduction
9:20 AM   Introduction: status quo, definitions of terms, protection goals
9:50 AM   Regulatory requirements for IT security
10:45 AM  Break
11:00 AM  Derivation of the most important activities from the regulatory requirements
11:45 AM  EU-DSGVO and application to IT security of products
12:15 PM  Lunch
1:15 PM   General requirements for quality and risk management
2:00 PM   Planning
2:15 PM   Requirements engineering
3:00 PM   Break
3:15 PM   Architecture, Defense-in-depth, Threat Modeling
5:00 PM   Summary, recap, Q&A session
5:15 PM   End of day 1

Day 2

Time      Topic focus
9:00 AM   Welcome and recap
9:20 AM   Other activities in the product life cycle: design, implementation, verification, release, maintenance
10:45 AM  Break
11:00 AM  Risk management for IT security
12:15 PM  Lunch
1:15 PM   Post-market activities
2:15 PM   Technical documentation for IT security
3:00 PM   Break
3:15 PM   Integration of IT security activities into your own process landscape
4:00 PM   IEC 81001-5-1 and IEC 60601-4-5 and their application
4:30 PM   IT security in your own company and as an operator, EU-DSGVO, ISO 27001
5:00 PM   Summary, recap, Q&A session
5:15 PM   End of the seminar

Target group

This seminar on IT security for medical devices is aimed in particular at the following persons:

  • (Software) developers and software testers
  • Employees in IT
  • Regulatory affairs and quality managers
  • Risk managers and safety officers
  • Project managers and product managers
