The UL CAP Evaluation reviews documentation related to the processes of medical device cybersecurity and network connected device cybersecurity. The UL CAP Certification is based on industry initiatives, regulations and best practices related to cybersecurity.
The UL Cybersecurity Assurance Program (UL CAP) for Network Connectable Components of Healthcare and Wellness Systems is a suite of solutions that helps verify compliance to requirements validating that your product and systems offer a reasonable level of protection against risks that may result in unintended or unauthorized access, change or disruption. It is based on the following FDA approved standards:
- UL 2900-1:2017 Software Cybersecurity for Network-Connectable Products, Part 1: General Requirements (1st Edition)
- UL 2900-2-1:2017 Software Cybersecurity for Network-Connectable Products, Part 2-1: Particular Requirements for Network Connectable Components of Healthcare and Wellness Systems (1st Edition)
We can help you meet the regulatory requirements that the following agencies have documented outlining the activities that manufacturers should take with their medical devices.
- US FDA
- European Medicines Agency
- Japan Ministry of Health and Welfare
- China FDA (CFDA)
These regulations specifically relate to devices that can be connected to IT networks through wired or wireless connections such as WiFi, Bluetooth or Cat 5 cable. These guidance documents contain information that the FDA is expecting to be included in the new 510(k) submissions of medical devices with software and network connections.
We can perform tests and issue solution-oriented reports, including:
- Fuzz, patch and malware testing
- Informative, summative and other testing reports
- Testing certification
- Gap assessments
- Product testing
Our Cybersecurity Assurance Program brings transparency to your product and system security, especially as it relates to medical device and network connected device cybersecurity. With years of cybersecurity science behind us, we have the expertise to help you comply with industry regulations, standards and best practices. Our experience has enabled us to bring these components together to create one reliable testing and certification program.
Once your products and systems are certified, they will be well-positioned to thwart attempts to change their functionality, access their data or gain entry through one of their connections. All these things will help increase the end user’s confidence in your products and your system security.