Beta

Source: OJ L 2024/2847, 20.11.2024

EN

Recital 25 Exemptions for medical devices

Regulation (EU) 2017/745 of the European Parliament and of the Council(9)Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EEC (OJ L 117, 5.5.2017, p. 1). lays down rules on medical devices and Regulation (EU) 2017/746 of the European Parliament and of the Council(10)Regulation (EU) 2017/746 of the European Parliament and of the Council of 5 April 2017 on in vitro diagnostic medical devices and repealing Directive 98/79/EC and Commission Decision 2010/227/EU (OJ L 117, 5.5.2017, p. 176). lays down rules on in vitro diagnostic medical devices. Those Regulations address cybersecurity risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; and follow particular approaches that are also addressed in this Regulation. More specifically, Regulations (EU) 2017/745 and (EU) No 2017/746 lay down essential requirements for medical devices that function through an electronic system or that are software means the part of an electronic information system which consists of computer code; themselves. Certain non-embedded software means the part of an electronic information system which consists of computer code; and the whole lifecycle approach are also covered by those Regulations. Those requirements mandate manufacturers means a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; to develop and build their products by applying risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; management principles and by setting out requirements concerning IT security measures, as well as corresponding conformity assessment means the process of verifying whether the essential cybersecurity requirements set out in Annex I have been fulfilled; procedures. Furthermore, specific guidance on cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; for medical devices is in place since December 2019, providing manufacturers means a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; of medical devices, including in vitro diagnostic devices, with guidance on how to fulfil all the relevant essential requirements set out in Annex I to those Regulations with regard to cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881;. Products with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; to which either of those Regulations apply should not therefore be subject to this Regulation.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod