IT Evaluation & Assessment
Medical Devices IEEE 2621
Consult our experts. We are happy to support you.
The IEEE Medical Device Cybersecurity Certification Program is maintained by the IEEE 2621 Conformity Assessment Committee (CAC), an organization composed of manufacturers, clinicians, FDA, test laboratories, cybersecurity solution providers, and industry associations from around the world.
The IEEE 2621 series of standards currently covers certification for wireless diabetes devices including:
- blood glucose monitors (BGM),
- continuous glucose monitors (CGM),
- insulin pumps, smart insulin pens, and
- automated insulin dosing systems (AID)
Authoritative websites:
What atsec offers:
atsec has IEEE authorized laboratories in Sweden, the US, and Germany, each able to provide medical device evaluation at the Basic-Enhanced Assurance Package and Moderate Assurance Package levels.
For both the Basic-Enhanced Assurance Package and Moderate Assurance Package:
- The manufacturer submits representative product samples to an authorized test laboratory.
- The manufacturer applies for certification to the Certification Body (CB).
- The authorized laboratory conducts security requirement analysis as well as vulnerability and penetration testing.
- The authorized laboratory sends the Evaluation Technical Report (ETR) to the CB.
- The CB reviews all submitted reports and makes decision on certification.
Why our services are important to you:
atsec’s IEEE 2621 portfolio encompasses the entirety of the IEEE certification process. We provide the following services:
- Performing a readiness assessment to estimate the level of effort required to successfully comply with IEEE 2621
- Developing a Security Target
- Conducting product evaluation, including security requirement analysis, and vulnerability and penetration testing
Still have questions?
Can’t find what you’re looking for? Let’s talk!
Common Criteria Evaluation
The Common Criteria (CC), also known as ISO 15408, is an internationally recognized standard used to specify and assess the security of IT products.
FIPS 140-3 Testing
FIPS 140-3 specifies requirements related to securely designing and implementing cryptographic modules, and compliance is increasingly mandatory worldwide.
Cryptographic Algorithm Testing
Testing that cryptographic algorithms are implemented correctly is a prerequisite for FIPS 140-3 cryptographic module testing and NIAP Common Criteria evaluations.
The Information Security Provider
Read Our Latest Blog Articles
Learn the latest and greatest about information security. You’ll find insights and analyses of recent developments in technology and policy on our blog.
-
atsec’s Yi Mao Interviewed on the TopCyberPro Podcast
Written by Evan Barnett Dr. Yi Mao, CEO of atsec information security US, recently joined host Jim West on the TopCyberPro podcast to discuss the Common Criteria and FIPS standards. They went into the fundamentals and history of each standard before diving into the impacts and implications of…
-
atsec Presenting at the 2024 PCI Community Meeting
Written by Yan Liu atsec will participate in the PCI (Payment Card Industry) Security Standards Council 2024 Asia-Pacific Community Meeting held in Hanoi, Vietnam, on the 20th and 21st of November and will host a booth, as we have in previous years. atsec’s principal consultants Yan Liu and…
-
Exciting Milestone: First atsec Cybersecurity Certificates Issued for Common Criteria
Written by Rasma Mozuraite Araby We are thrilled to announce that atsec’s Certification Body (CB) officially issued its first cybersecurity certificates for Common Criteria. This achievement represents atsec’s readiness for the upcoming European Cybersecurity Certification Scheme (EUCC), positioning our Certification Body at the forefront of cybersecurity compliance in…