The integration of advanced information technologies in medical devices has transformed the healthcare industry, resulting in dramatic improvements in the efficiency and effectiveness of healthcare and related services. But this integration has fostered the emergence of a new set of challenges for patients, healthcare providers and device developers and manufacturers. Today, the healthcare industry is a significant target for hackers and cybercriminals, potentially compromising private and confidential healthcare data and placing the safety and health of patients at risk.
UL Cybersecurity Assurance Program (CAP)
The UL Cybersecurity Assurance Program (CAP) is intended to support manufacturers, end-users and system installers and integrators in promoting good cybersecurity hygiene in designing, manufacturing, installing and maintaining products and systems. Based on the UL 2900 Series of Standards and other industry standards, the full suite of cybersecurity services is designed to help organizations manage their cybersecurity risks and validate their cybersecurity capabilities to the marketplace.
The UL CAP program supports industry needs for three main areas:
- Awareness: Reinforce industry understanding and awareness of best practices and global regulatory drivers
- Benchmark: Vendors need to benchmark against industry-accepted standards and best practices
- Certify: Certification to demonstrate compliance to industry-accepted standards
UL healthcare cybersecurity services at a glance
We will help you address your cybersecurity, data privacy and interoperability risks. Our services include:
- Private security workshops to share best practices and learnings unique to your needs.
- Gap analysis services to detect non-conformities and errors early on in the design phase.
- Custom testing and assessment services throughout the development life-cycle.
- Complete evaluation and certification services to the U.S. Food and Drug Administration (FDA) recognized UL 2900 series of standards and other industry-leading standards
The services are highly customizable depending on your specific cybersecurity and organizational needs.
Our testing and certification services apply to, but are not limited to, the following types of connectable devices:
- Medical devices and accessories
- Medical device data systems
- In vitro diagnostic (IVD) medical devices and accessories
- Health IT devices
- Wellness devices
- Software as a Medical Device (SaMD) such as mobile applications, web applications, cloud solutions, etc.
Why UL for cybersecurity services in the healthcare industry
UL has extensive expertise in cybersecurity with a global network of IoT and OT security laboratories, and security experts and advisors with specialized expertise in global security standards, frameworks and best practices for the smart healthcare ecosystem. We help healthcare organizations to:
- Define where they are in their cybersecurity maturity
- Understand what they will need to do to develop secure devices
- Manage digital identity of people and products
- Improve internal cybersecurity capabilities and processes
- Validate security built into their products throughout their lifecycle
- Communicate security features to differentiate products in the marketplace