Medical Technology Innovator

About This Project

A growing medical technology organisation with innovative lung imaging capability, delivering reporting via a Software as a Service solution, needs to maintain compliance with NIST, ISO27001 and HIPAA.


Imaging the lung in motion (animated)

 

The Situation

Our client is a global medical technology company aiming to change the outcome for patients with lung disease by revolutionising respiratory imaging and ventilation analysis. Their SaaS-based solution allows medical imaging data to be transferred to our client for processing and reporting.

While navigating Food and Drug Administration (FDA) approval processes in the United States, our client needed to consider the cybersecurity requirements of their product in order to satisfy the FDA, ensure appropriate risk and reputation management, and inform the market as they seek a technology platform provider.

 

The Approach

Information Professionals Group developed a Cybersecurity Reference Architecture, product security requirements, and cyber solutions architecture in addition to providing inputs into the successful FDA submission around cybersecurity.

Specifically, the Cybersecurity Architecture needed to consider:

  • A solution that wasn’t so prescriptive that it locked in suppliers
  • The right blend of business risk, balancing both commercial requirements and FDA standards

We’ve continued to work with our client by performing Threat and Risk assessments on their service delivery solution, solution development and corporate functions.

Our most recent project has been working with our client’s team to establish ISO27000 Cyber Governance via an Information Security Management System (ISMS), which is being integrated with the organisation’s QMS.

 

The Impact

The developed solution was compliant with both the needs of the client and the regulator, with a full FDA approval being achieved. This approval allowed for the launch of the first element of our client’s technology, which will revolutionise the diagnosis and treatment of lung disease across the globe.

Thanks to the collaborative approach between Information Professionals Group and our client’s internal team, the client has been able to realise a significant uplift in their technical and business capability.

NB. We do not publish the names of our cybersecurity clients. We can discuss them with you on further enquiry.
Client

Undisclosed

Industry

Medical Technology

Capabilities Delivered
  • Enterprise Cyber Strategy
  • Threat and Risk Assessment
  • Vulnerabilities Assessment
  • ISACA Certified Information Security Credentials
  • NIST, ISO27001/2, HIPAA and the ability to digest and understand FDA requirements
Client Wins
  • Successful FDA approval
  • Implementation of key technology components including IAM, Data Loss Prevention, Privileged Access Management and Cloud Access Security Broker
  • ISO27001 Information Security Management System