ENISA updates its Good Practice Guide

The European Union Agency for Network and Information Security (‘ENISA’) published an updated version of its National Cyber Security Strategy Good Practice Guide (‘the Guide’) on 14 November 2016, which includes a…


Vulnerability disclosure: ENISA’s guide and the Dutch approach

Huge numbers of cyber attacks exploit vulnerabilities in computer-based systems and yet vulnerability disclosure is not a straightforward matter, as the discoverer of a vulnerability could face legal risk if they report…


‘Privacyschild’ nieuwe basis voor gegevensoverdracht EU – VS?

Vorige week schreef ik dat er nog geen akkoord was omtrent een nieuw regime voor de uitwisseling van persoonsgegevens tussen de VS en de EU. Tijdens de bijeenkomst van de Artikel 29-werkgroep…


More on EU medical devices cybersecurity regulation

In a previous post I promised more on cybersecurity, so here it is. Spoiler alert: the conclusion of this post is that cyber security requirements for medical devices in Europe are currently…


In, on and near body networks EU regulation

I had the pleasure of being invited to speak at the Health IT forum at the MEDICA conference last week on regulation of in, on and near body networks. Most of my…


FDA's draft guidance on cybersecurity: nothing exciting but useful examples

These days I am more and more involved in medical devices software matters: interesting questions about modularisation, whether or not EHRs are medical devices in Europe and negotiation of systems integration agreements…

Navigate through our knowledgebase