What are the tiers for cybersecurity risk?

BACK TO FAQs
Tier 1 “Higher Cybersecurity Risk”

A device is a Tier 1 device if the following criteria are met:

  • The device is capable of connecting (wired or wirelessly) to another medical or non-medical product, or to a network, or to the Internet; AND
  • A cybersecurity incident affecting the device could directly result in patient harm to multiple patients

Examples include:

  • Implantable cardioverter defibrillators (ICDs)
  • Pacemakers
  • Left ventricular assist devices (LVADs)
  • Brain stimulators and neurostimulators
  • Dialysis devices
  • Infusion and insulin pumps, and the supporting connected systems that interact with these devices such as home monitors and those with command and control functionality such as programmers.
Tier 2 “Standard Cybersecurity Risk”

A medical device for which the criteria for a Tier 1 device are not met.

This cybersecurity risk tiering may not track to FDA’s existing statutory device classifications. For example, based on the manufacturer’s assessment and device design, a class II device such as an infusion pump may meet the criteria for Tier 1 higher cybersecurity risk, while a class III device such as a coronary atherectomy device with no connectivity may meet the criteria for Tier 2 standard cybersecurity risk. The principles and approaches described are broadly applicable to all medical devices and are intended to be consistent with the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity to manage cybersecurity-related risks by focusing on core functions of identify, protect, detect, respond, and recover.

Related Terms:
No items found.
About the Author
Proxima CRO Team
Dora Huang
Intern

Dora Huang is from Houston, TX and is a jack-of-all-trades. Dora is a Regulatory Affairs and Graphics Design Intern for Proxima. She has experience working on projects that vary from engineering water systems to tissue engineering.

Related FAQs:
More Questions? We're here to help!
SPEAK WITH A SPECIALIST