SelectEvidence®

Connected Medical Device Challenge

FDA guidance for design considerations, premarket submission, and postmarket management of cybersecurity in medical devices requires rigorous attention to security throughout the entire product life cycle.

Healthcare Providers inquiries regarding the security of connected medical devices are becoming increasingly more rigorous. This continues to impact the manufacturer sales cycles as healthcare providers more frequently identify security as a significant factor/contingency in their procurement decisions.

For manufacturers, manual security risk assessment processes for connected devices are labor-intensive, often spreadsheet-based, non-standardized, and provide only a “snapshot in time” view of any given product. With the continuously evolving threat landscape, the process of ongoing vulnerability monitoring, identification and mitigation identification becomes unmanageable.

Manufacturer reputations and sales performance are predicated on maintaining and assuring the highest levels of patient safety.

Nova Leah and our SelectEvidence® solution were designed to address each of these challenges in the most efficient and cost effective manner.

The SelectEvidence® Solution

SelectEvidence® is an expert cybersecurity risk assessment platform that guides medical device manufacturers through the processes of identifying applicable threats to their products and implementing the right security controls to mitigate those threats. SelectEvidence® provides manufacturers with an intelligent, standardized, repeatable and traceable approach to implementing cybersecurity requirements across for connected medical devices. Your organization will benefit from the following…

INTELLIGENT AND ACCELERATED ANALYSIS:

Proprietary algorithms inform the analysis

DECISION SUPPORT:

Suggests mitigations relating to specific vulnerabilities identified

CONTINUOUS MONITORING AND ALERTS:

Scanning 120k plus vulnerabilities in real time

VULNERABILITY MONITORING:

Identify vulnerabilities specific to device sBoM

SOFTWARE BILL OF MATERIALS:

Auto ingestion of device software bill of materials (sBoM) to get you up and running quickly

CUSTOMER REPORTING:

Flexible to meet your specific requirements

SUBMISSION DOCUMENTATION:

Support Regulatory Affairs teams by creating 510k and other submission documents at the push of a button

TRACIBILITY:

History log captures all changes to the risk assessment. Omissions log tracks rationales for information excluded from the assessment

CENTRALIZED EXPERT PLATFORM:

Everything in one place with dashboard visibility

SCALE AND HARMONIZATION:

Align process across business silos and increase visibility for leadership

STANDARDS-BASED:

Link your security data to up to date industry standards and leverage repositories for controls, threats and vulnerabilities

Benefits

Leveraging SelectEvidence® as an integral part of your product development life cycle for security risk assessment will assure that your connected medical devices meet FDA Premarket Submission and Postmarket Management guidelines. In addition, SelectEvidence® performs ongoing vulnerability monitoring ensuring any potential vulnerabilities are being identified proactively. As soon as SelectEvidence® identifies potential vulnerabilities, an email notification is sent to your development and support teams immediately, thus affording you the opportunity to respond to and mitigate potential risks on a timely basis.

The Bottom Line

SelectEvidence® enables you to:

  • Fulfill FDA requirements;
  • Streamline FDA market approvals and assessments;
  • Reduce the cost to develop a product;
  • Reduce the time-to-market for devices;
  • Prevent the likelihood of recalls due to cybersecurity vulnerabilities;
  • Ensure compliance with standards, best practice and future legislation;
  • Provide documentary evidence of compliance to regulators, auditors and customers.

The medical device cybersecurity compliance and risk management experts