Seminar "IT Security of Medical Devices"

No seminar date
There is currently no known date for this seminar. Please try again at a later date or contact us.


We would like to explicitly point out that in this seminar we are teaching the regulatory requirements and not the concrete technical implementation of IT Security.

This two-day compact seminar on IT security of medical devices pursues the following learning objectives:

  • Regulatory requirements
    You know the regulatory requirements for IT security and can classify them according to application areas (e.g. EU / FDA / international, industry-specific / non-specific, manufacturer / operator).
  • EU General Data Protection Regulation (EU-DSGVO)
    You can put the requirements of the EU General Data Protection Regulation in the context of the requirements for IT security of the products.
  • Basics and terms
    You know the protection goals of IT security in the context of medical devices and can confidently handle terms, e.g. threat, vulnerability, asset.
  • IT Security-Related System & Software Requirements
    You will receive an overview of the specific IT security requirements (software / system requirements) resulting from the application of the relevant standards and laws.
  • Security Analysis
    You can apply methods (e.g. Threat Modeling, Threat Analysis and Risk Assessment) to systematically analyze and minimize IT security risks.
  • Security Testing
    You know important test methods in IT security, e.g. penetration testing or fuzz tests.
  • Development and Post-Market Processes
    You understand how continuous assurance of IT security can be embedded into the development process and post-market surveillance, and what data sources and roles are available for this.


Day 1

Time Topic focus
9:00 AM Welcome, expectations, introduction
9:20 AM Introduction: status quo, definitions of terms, protection goals
9:50 AM Regulatory requirements for IT security
10:45 AM Break
11:00 AM Derivation of the most important activities from the regulatory requirements
11:45 AM EU-DSGVO and application to IT security of products
12:15 PM Lunch
1:15 PM General requirements for quality and risk management
2:00 PM Planning
2:15 PM Requirements engineering
3:00 PM Break
3:15 PM Architecture, Defense-in-depth, Threat Modeling
5:00 PM Summary, recap, Q&A session
5:15 PM End of day 1

Day 2

Time Topic focus
9:00 AM Welcome and recap
9:20 AM Other activities in the product life cycle: design, implementation, verification, release, maintenance
10:45 AM Break
11:00 AM Risk management for IT security
12:15 PM Lunch
1:15 PM Post-market activities
2:15 PM Technical documentation for IT security
3:00 PM Break
3:15 PM Integration of IT security activities into your own process landscape
4:00 PM IEC 81001-5-1 and IEC 60601-4-5 and their application
4:30 PM IT security in your own company and as an operator, EU-DSGVO, ISO 27001
5:00 PM Summary, recap, Q&A session
5:15 PM End of the seminar

Target group

This seminar on IT security for medical devices is aimed in particular at the following persons:

  • (Software) developers and software testers
  • Employees in IT
  • Regulatory affairs and quality managers
  • Risk managers and safety officers
  • Project managers and product managers
