Reed Smith Client Alerts

Key takeaways

  • Singapore has launched a voluntary scheme which rates medical devices according to their levels of cybersecurity provisions.
  • The scheme aims to improve medical device security by incentivising manufacturers to adopt a security-by-design approach and enabling consumers and health care providers to make more informed decisions.
  • The scheme comprises four levels, with each additional level reflecting further testing and assessment that the product has undergone.

Authors: Bryan Tan Hannah Kong Eng Han Goh (Resource Law LLC)

Introduction

With health care systems becoming increasingly reliant on connected medical technologies, ensuring that these devices are secure from cyber threats is paramount. Singapore is the first country in the world to develop a multi-level CLS(MD), similar to the Cybersecurity Labelling Scheme for consumer smart devices launched in 2020. The scheme was jointly developed by the Cyber Security Agency of Singapore, the Ministry of Health, the Health Sciences Authority (HSA) and Synapxe, and follows the completion of a sandbox phase in which 47 medical devices from 19 manufacturers were tested and feedback was collected.