Seminar „IT Security of Medical Devices“
There is currently no known date for this seminar. Please try again at a later date or
contact us.
Targets
We would like to explicitly point out that in this seminar we are teaching the regulatory requirements and not the concrete technical implementation of IT Security.
This two-day compact seminar on IT security of medical devices pursues the learning objectives:
- Regulatory requirements
You know the regulatory requirements for IT security and can classify them according to application areas (e.g. EU / FDA / international, industry-specific / non-specific, manufacturer / operator). - EU Basic Data Protection Regulation (EU-DSGVO)
You can put the requirements of the EU General Data Protection Regulation in the context of the requirements for IT security of the products. - Basics and terms
You know the protection goals of IT security in the context of medical devices and can confidently handle terms, e.g. threat, vulnerability, asset. - IT Security-Related System & Software Requirements
You will receive an overview of the specific IT security requirements (software / system requirements) resulting from the application of the relevant standards and laws. - Security Analysis
You can apply methods (e.g. Threat Modeling, Threat Analysis and Risk Assessment) to systematically analyze and minimize IT security risks. - Security Testing
You know important test methods in IT security, e.g. penetration testing or fuzz tests - Development and Post-Market Processes
You understand how continuous assurance of IT security can be embedded into the development process and post-market surveillance, and what data sources and roles are available for this.
Content
Day 1
| Time | Topic focus |
| 9:00 AM | Welcome, expectations, introduction |
| 9:20 AM | Introduction: status quo, definitions of terms, protection goals |
| 9:50 AM | Regulatory requirements for IT security |
| 10:45 AM | Break |
| 11:00 AM | Derivation of the most important activities from the regulatory requirements |
| 11:45 AM | EU-DSGVO and application to IT security of products |
| 12:15 PM | Lunch |
| 1:15 PM | General requirements for quality and risk management |
| 2:00 PM | Planning |
| 2:15 PM | Requirements engineering |
| 3:00 PM | Break |
| 3:15 PM | Architecture, Defense-in-depth, Threat Modeling |
| 5:00 PM | Summary, recap, Q&A session |
| 5:15 PM | End day 1 |
Day 2
| Time | Topic focus |
| 9:00 AM | Greeting and repetition |
| 9:20 AM | Other activities in the product life cycle: design, implementation, verification, release, maintenance |
| 10:45 AM | Break |
| 11:00 AM | Risk management for IT security |
| 12:15 AM | Lunch |
| 1:15 PM | Post-market activities |
| 2:15 PM | Technical documentation for IT security |
| 3:00 PM | Break |
| 3:15 PM | Integration of IT security activities into your own process landscape |
| 4:00 PM | IEC 81001-5-1 and IEC 60601-4-5 and their application |
| 4:30 PM | IT security in own company and as operator, EU-DSGVO, ISO 27001 |
| 5:00 PM | Summary, recap, Q&A session |
| 5:15 PM | End of the seminar |
Target group
This seminar on IT security for medical devices is aimed in particular at the following persons:
- (Software) developer and software tester
- Employees in IT
- Regulatory Affairs and Quality Manager
- Risk managers and safety officers
- Project Manager and Product Manager
Back To Top
Privacy settings
We use cookies on our website. Some of them are essential, while others help us improve this website and your experience.