|
With the rapid advancement of technology, cybersecurity has become a critical issue that can no longer be overlooked.
In this new era of healthcare, BriteMED ensures that its product design and development not only meet certification standards but also adhere strictly to the principles of the FDA Cybersecurity guidelines:
「“ Manufacturers should address cybersecurity during the design and development of the medical device, as this can result in more robust and efficient mitigation of patient risks. Manufacturers should establish design inputs for their device related to cybersecurity ”」
Additionally, whether it involves current product development or optimization through redesign, we conduct thorough risk assessments and implement preventive measures ahead during the software design and development phases. This rigorous approach ensures the peace of mind of our customers, users, and patients.
The definition of Cybersecurity (FDA)
”is the process of preventing unauthorized access, modification, misuse or denial of use, or the unauthorized use of information that is stored, accessed, or transferred from a medical device to an external recipient. ”
Following the establishment of cybersecurity vulnerability identification and management methods, BriteMED complies with the requirements of 21 CFR 820.30(g) for software validation and risk analysis. The approach should appropriately address the following elements:
- Identification of assets, threats, and vulnerabilities
- Assessment of the impact of threats and vulnerabilities on device functionality and end users/patients
- Assessment of the likelihood of a threat and of a vulnerability being exploited
- Determination of risk levels and suitable mitigation strategies
- Assessment of residual risk and risk acceptance criteria
For Cybersecurity Functions, consider the following cybersecurity framework core functions to guide cybersecurity activities: Identify, Protect, Detect, Respond, and Recover.
Examples of security functions to consider for the protection of medical devices should include, but should not be limited to the following:
For both ongoing product development and product optimization through redesign, relevant risk assessments and preventive measures are conducted. Depending on the product, specific items are tested as follows, with all tests achieving a Pass result:
•Network Security Test
•Password Management
•Security Event Notification
•Checking Logs for Sensitive Data
•Finding Sensitive Data in the Keyboard Cache
•Testing Backups for Sensitive Data
•Testing Auto-Generated Screenshots for Sensitive Information
•Testing Enforced Updating
•Testing Jailbreak Detection
••Testing Anti-Debugging
•Testing Enforced Updatingng Detection
•Testing Reverse Engineering Tools Detection
•Testing Emulator Detection
•Testing Obfuscation
Prioritizing cybersecurity, BriteMED has proactively launched the
Products & Services Security Program
For more about the Program:
 
Because we care, you can have peace of mind!
|
.jpg)
.png)
Facebook.png)
Linkedin
YouTube.gif)
Tel:.gif)
FAX: +886-2-8691-9468.gif)
Email: 