Health Canada Cybersecurity Draft Guidance

Health Canada issued a draft guidance document titled, “Pre-market Requirements for Medical Device Cybersecurity.” Section 1.1 states: “Health Canada considers the inclusion of cybersecurity measures an important consideration in issuing medical device licenses. Therefore, this guidance document provides medical device manufacturers advice on the practices, responses and mitigation measures which can improve the cybersecurity of their device. This guidance also outlines the information to be submitted as part of a medical device licence or licence amendment application to demonstrate that their medical device, consisting of or containing software, is sufficiently secure from intentional or unintentional unauthorized access.” Table 1 lists some design principles to consider. Table 3 lists some types of cybersecurity testing (UL 2900-2-1) to consider including source and binary code analysis using tools. Section 2.2 lists information to include in license application to Health Canada. The full draft guidance is at the link provided: 2018 HealthCanada Draft Guidance Document Pre‐market Requirements for Medical Device Cybersecurity.

Schedule Discussion with John F. Murray, Jr.

John is currently providing telephone and face-to-face meetings to discuss:  Cybersecurity, Part 11, 483 Response, design controls expectations for software documentation, and other topics.

Leave a message and we will contact you to schedule:

Corporate Office

+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TN) and Italy.