MedTech devices and connectivity – Mission impossible?

The requirements placed on MedTech products are incredibly high. This is due to regulations such as the European Union's Medical Device Regulation (MDR). Strict regulation also applies connectivity of the devices. 

Today, a growing number of MedTech devices are connected to hospital networks or directly to the internet also for use at home. The devices are made to securely and reliably track, for example, blood pressure or blood sugar at home. The devices can be categorized as the Internet of Medical Things (IoMT). MedTech market grows, and also new innovative startups step in.

"Earlier, when devices’ functionalities did not depend on the software, and there was no connectivity, it was possible to create devices with a smaller team. Nowadays we need large groups of experts for every stage of product development", says Antti Tolvanen, Sales Director for Software & Embedded at Etteplan.

Bringing in connectivity and AI in medical device

Connected MedTech devices are improving patient care, but at the same time, connectivity is making devices more vulnerable to cybersecurity incidents that can put patients and consumers at risk. MedTech companies must manage product cybersecurity risks.

While the regulatory requirements are increasing, functionalities that rely on AI and connectivity also make medical technology devices more complex.

The growing need for expertise can become a problem for companies that want to develop everything in-house. Nowadays, an increasing number of MedTech/IoMT devices are developed by utilizing a partnership model. This allows MedTech companies to complement their in-house expertise with any specific competencies required to make it to the market successfully.

Remember to take cybersecurity seriously

The more complex a connected device is, the more important it is to take care of its cybersecurity. The standards of cybersecurity are even higher when AI is involved. Organizations responsible for assessing the devices, Notified bodies will go through the technical file, the design files, and the cybersecurity documents before granting marketing authorization.

It is also wise to keep in mind that after the recently published General Product Safety Regulation proposal becomes effective in the EU, it will no longer be feasible to put any products into the market. This regulation includes medical devices without appropriate cybersecurity features.

"Companies should not attempt to build security infrastructure by themselves as it is expensive, inefficient, and always requires extensive expertise unless the security infrastructure is the company's core competence", says Etteplan's Antti Tolvanen.

For more tips on how to get your MedTech devices to market, download our guide book

Antti Tolvanen

Antti Tolvanen

Sales Director Software & Embedded Solutions
+358 45 864 3579
Send e-mail

Ask Antti Tolvanen a question or challenge us

When you submit this form, our specialist will be in touch with you by email or telephone. By submitting the form you accept our Privacy Policy.

More stories you might like