First Test Facilities and Products Recognized Under New IEEE Cybersecurity Certification Program for Medical Devices

IEEE program benefits manufacturers and end users by helping to improve the safety and security of medical devices

The first medical devices from companies including Ascensia have been certified under the new IEEE Medical Device Cybersecurity Certification Program. Test facilities from atsec in Sweden, Germany, and the United States have also been officially recognized under the program.

By submitting medical devices for IEEE certification, manufacturers can demonstrate conformity with an international standard. Having their devices evaluated against a rigorous test plan and checklists by IEEE authorized third-party test labs helps to ensure conformance with the IEEE 2621 standard. This may expedite the approval process by regulatory bodies.

IEEE, the world’s largest technical professional organization dedicated to advancing technology for humanity, and the IEEE Standards Association (IEEE SA) launched the IEEE Medical Device Cybersecurity Certification Program in 2023. The program was developed by the IEEE 2621TM Conformity Assessment Committee (CAC), composed of stakeholders such as manufacturers, clinicians, the U.S. Food and Drug Administration (FDA), test laboratories, cybersecurity solutions providers, and industry associations from around the world. It aims to help address cybersecurity risks in medical devices that capture and manage user bio data and impact quality of life.

Atsec labs in Danderyd, Sweden, Munich, Germany, and Austin, Texas, USA, are the first to be officially authorized to test medical devices under the IEEE Medical Device Cybersecurity Certification Program.

“We enthusiastically embraced the opportunity to become a player in this domain when IEEE first contacted atsec in July 2022,” said Sal La Pietra, President and co-founder of atsec information security. “We’re particularly proud of this achievement because it follows the successful completion of two pilot projects that used the IEEE 2621 standard for medical device testing. These projects allowed us to refine our processes and demonstrate our expertise in applying this standard,” added Rasma Mozuraite Araby, CEO of atsec AB in Stockholm, Sweden.

Several devices from Ascensia have successfully undergone the testing and certification process as outlined by IEEE. Certified products are listed on the IEEE certified product registry.

“The IEEE Standards Association offers a trusted global environment that enables expert technology communities to achieve meaningful impact at scale,” said Alpesh Shah, Managing Director, IEEE Standards Association. “The IEEE Medical Device Cybersecurity Certification Program is the most recent example, one that offers a standards-based pathway and process for medical device manufacturers to meet regulatory requirements globally and translate into safer, compliant products for users.”

To learn more about this program, how to get involved, and how to submit a medical device for certification, please visit the IEEE Medical Device Cybersecurity Certification Program website.

To learn more about other IEEE Conformity Assessment Programs (ICAP), please visit the ICAP website.