Cybersecurity Services
Medical Technology

Medical Devices with connected capabilities are becoming more prevalent around the globe – and due to their use in human health and associated functions, cybersecurity is highly significant to ensure safe use.

Bureau Veritas has a range of capabilities focused on helping hospitals, clinics and device manufacturers globally ensure the security of their medical devices.

Cybersecure Medical Devices

Medical devices must pass a range of extensive regulations and achieve certification to multiple standards in order to confirm their clinical performance. With a recent rise in cyber vulnerabilities being exposed in such devices, Cybersecurity has become an important element in the testing and inspection in the field.

Therefore, cybersecurity has been integrated into both standards and requirements for manufacturers of medical devices, pertaining to both the development process and the testing and validation of security features found in the device.

Bureau Veritas can support medical device manufacturers with the regulatory compliance for US and/or EU, as well as testing and certification based on the most relevant international standards.


Medical devices are among the products with the most extensive set of regulations regarding local market access. For both the EU and USA, but also many other regions and countries, local regulations need to be satisfied by the developers. While these regulations historically focused on the clinical performance of the products, recent updates to the FDA and EU MDR have introduced specific requirements linked to cybersecurity. Developers are required to compile an evidence file aimed to demonstrate compliance with these requirements. The requirements include compliance with development processes, risk assessment, but also a state of the art security controls (using standards such as ANSI UL 2900 and IEC 62443 as reference) and evidence of conducted testing.

Bureau Veritas can support manufacturers of medical devices with testing and certification of their products based on ANSI UL 2900 and IEC 62443. At the same time, support can be given for identifying compliance gaps with the FDA and EU MDR regulations, as well as consultancy in closing these gaps.


Support and

- Design Reviews
- Validation and Penetration Testing
- Code Reviews
- Processes Reviews

Compliance and Testing

- IEC 62443 Compliance
- UL 2900 Compliance


- UL 2900 Certification
- Common Criteria Certification
- EU MDR Compliance Gap Analysis
- FDA Compliance Gap Analysis

Get in touchwith us
Would you like to receive marketing communication from Bureau Veritas?
Would you like to receive marketing communication from Bureau Veritas?