EU Cyber Resilience Act Should Include Medtech, Says Data Protection Watchdog

The European Commission’s decision to exclude medical devices from the scope of its proposed Cyber Resilience Act was praised by industry, but this could all change, as the EU’s data protection supervisor argues that medtech should be included in the legislation.

Cybersecurity Concept
• Source: Alamy

Medical devices that fall within the regulatory scope of the EU’s Medical Device Regulation (MDR) were confirmed to be among the few categories of product excluded from the commission’s draft Cyber Resilience Act in September This was under the logic that sector-specific rules are sufficient to keep products safe from cyberattacks.

This decision was met with a sense of relief from the medtech industry, as manufacturers are already grappling with both...

More from Europe

More from Geography