
SAFECARE fosters Cybersecurity for Medical Devices

The aim of SAFECARE is to provide solutions that will improve physical and cyber security in a seamless and cost-effective way. Thereby, it promotes new technologies and novel approaches to enhance threat prevention, threat detection, incident response and mitigation of impacts.

© 2022 SAFECARE

date:  03/03/2022


Bringing together the most advanced technologies from the physical and cyber security spheres, SAFECARE aims to deliver high-quality, innovative and cost-effective solutions in system security. These solutions focus on mitigating cyber-physical threats and incidents and their interconnections and potential cascading effects.

In particular, the research focuses on:

  • Enhancing cybersecurity in healthcare

Over the last decade, the EU has faced numerous threats that have rapidly increased in magnitude and that come from a variety of sources. In recent years, the intensification of cyberattacks in the healthcare sector has increasingly put the functioning of healthcare facilities at risk, with severe implications for the health and safety of patients. To address these risks, the project aims to provide solutions to improve physical and cyber security for healthcare organisations through novel approaches to enhance threat prevention, threat detection, incident response and mitigation of impacts.

 

  • Enhancing cybersecurity for medical devices

From a regulatory point of view, healthcare cybersecurity and the protection of medical devices have become a growing concern. Ensuring medical device cybersecurity is a joint responsibility amongst the many stakeholders involved – ranging from healthcare providers to manufacturers to IT operators and patients. The Medical Device Regulation (MDR) provides for medical devices’ cybersecurity in its essential safety requirements, ranging from pre-market to post-market activities. The Medical Devices Coordination Group recently elaborated them further in its Guidance on Cybersecurity for Medical Devices.

 

However, new EU-level cybersecurity legislation – the Cybersecurity Act, the NIS Directive and, possibly, the proposed NIS2.0 – is adding new requirements to the ones initially set by the MDR. Some of these, such as cybersecurity certification or notification obligations, might overlap and bring regulatory uncertainty. The interaction of these pieces of legislation calls for careful analysis to ensure a consistent and smooth application for healthcare stakeholders.

 

Research carried out in the context of the SAFECARE project studies the regulatory challenges of medical device cybersecurity. The paper finds risks of regulatory overlap, duplication and fragmentation across the EU. The analysis includes a list of recommendations for policymakers to remedy these shortcomings and enhance coherence in the regulatory landscape.

 

More resources at: https://www.safecare-project.eu/?page_id=15