Medical devices

Cybersecurity evaluation

Active and IVD devices which are connected, store any data, include any computing, control analog or digital functionality are subject to mandatory assessment and validation of cyber security risk. We execute cybersecurity evaluations based on the strictest accreditations and standards.


Standard, legislation, guidance



Prepare / support the Risk Management File based on Cybersecurity.


Provide expert review of the acceptability of all residual risks for Cybersecurity.


Monitoring the state-of-the-art level of Cybersecurity and reporting regularly.


Support and review the Information for Use based on Cybersecurity

EN 60601-1 és

EN 62304

IEC 82304-1 és EN 62304

Change or create design and development procedures for Cyber Security

EN 62304

(IEC 62304)

Evaluation of Cyber Security aspects of software requirements:

·        software architecture security analysis,

·        safety review of risk analysis.

IEC/TR 60601-4-5

(IEC 62443-4-2)

Safety aspects of medical devices, support for safety level classification

ISO/IEC 27001

ISO/IEC 27002

Development and certification support of Information Security Management System


Conformity assessment support - MDR

MDR Art. 15 (9)

IX., XI. A.

ISO 13485





Implementation of quality management system:

·        preparation of documentation,

·        introductory education,

·        internal audit,

·        management review.


Preparation of the Technical Documentation:

·        device description,

·        information to be supplied by the manufacturer,

·        design and manufacturing information,

·        general safety and performance requirements checklist,

·        benefit-risk analysis and risk management,

·        Product verification and validation support.


Preparation of technical documentation on post-market surveillance:

·        post-market surveillance plan,

·        Periodic safety update report,

·        post-market surveillance report.



Preparation of the Clinical Evaluation:

·        Clinical evaluation plan,

·        Clinical evaluation report,

·        Post Market Clinical Follow-up (PMCF) plan,

·        Post Market Clinical Follow-up (PMCF) report.

ISO 10993-1

ISO 10993-18

Preparation of the Biological Evaluation Report:

·        preparation of the biological evaluation strategy,

·        characterization of materials,

·        selection of studies or justification for omitting studies,

·        toxicological risk assessment,

·        summary evaluation of biocompatibility.


EN 62366-1

Supporting of the Usability Engineering Process:

·        compilation of the Usability Engineering File,

·        associated risk evaluation.

MDR Art. 15 (9)

IX., XI. A.

ISO 13485

Perform audits:

·        CE (MDR) internal audit,

·        ISO 13485 internal audit,

·        supplier audit.


Conformity assessment support - RoHS

RoHS Article 7. b)

Support for internal production control procedure:

·        development of technical documentation,

·        supplementing the quality management system with RoHS requirements.


Conformity assessment support – production equipment (machines)

RoHS Article 7. b)

Defining the requirements for the placing on the market or putting into service of production equipment:

·        legislations,

·        harmonized standards,

·        conformity assessment procedure,

·        manufacturers or operator tasks.



Compilation of technical documentation in accordance with the relevant legislations:

·        list of applicable harmonized and other standards,

·        risk evaluation documentation,

·        drawings, wiring diagrams,

·        user documentation,

·        EU declaration of conformity.