Since acquiring OpenSky—provider of information technology expertise—in January 2014, TÜV Rheinland has introduced new security consulting and remediation services for medical device manufacturers. The quality assurance company’s services will help improve the security of devices and meet the Federal Drug Administration’s (FDA) guideline regarding cybersecurity of medical devices. TÜV Rheinland will offer services that include assessment, testing, and remediation services, and will additionally assist manufacturers to meet healthcare provider purchase requirements.
The service will allow manufacturers to analyze current threats and vulnerabilities within medical device software and communication systems. This will include: vulnerability assessment of how vulnerable the device is to cybersecurity attacks; penetration testing that attempts to identify, exploit, and penetrate the network; software source-code analysis to evaluate the security posture of the application; advice on how to remediate any security findings; and information security assessment against industry standards and regulations.