A new joint CEN-CENELEC Workshop is being planned as part of the activities of the EU project “CYMEDSEC” - “Enhanced Cybersecurity for Networked Medical Devices through Optimisation of Guidelines, Standards, Risk Management and Security by Design”. This project is focussed on cybersecurity in Europe’s healthcare systems and revolutionizing patient care.
Cyberattacks on healthcare have been increasing. This is an alarming trend as it means patient security, medical infrastructure and healthcare supply chains can be put at risk. The CYMEDSEC project aims to balance safety with innovation by enhancing cybersecurity across multiple layers of patient monitoring and care. Focussing on the Internet of Medical Things (IoMT), the consortium of experts from across numerous industries and academia are helping to innovate and deeply transform our healthcare experience and well-being.
Within the CYMEDSEC project, IoMT devices are being created to:
- Empower real-time patient monitoring;
- Enhance diagnostic accuracy;
- Personalize treatment plans;
- Promote patient engagement in their healthcare journey.
The proposed CEN-CENELEC Workshop will add an important dimension to the aims of the CYMEDSEC patient health transformative endeavour. Its focus will be on the information security management of connected medical devices (cMDs) in relation to data processing and privacy-related governance. As such it will describe a framework that supports continuous security, monitoring, and testing of all components within the cMD ecosystem. The workshop will explore relevant issues related to medical devices hardware and software, intermediary components (e.g. data transfer hubs), associated services such as health IT systems, and Artificial Intelligence (AI) and Machine Learning (ML) models.
The resulting CWA will help to address the critical gaps that still exist in relation to connected medical devices and how they interface with the rapid evolution of healthcare technology. It will target:
- The integration of DevSecOps principles into the device lifecycle;
- The extension of MLOps to address AI/ML specific-risks;
- The incorporation of ecosystem-wide monitoring and testing for security, privacy and interoperability.
In so doing, it will form a complementary offering to the existing international and European standards related to health and medical devices. By presenting a process-oriented framework, the CWA will help to protect sensitive health data and maintain trust and resilience in cMD technologies.
The kick-off meeting for the Workshop will be a hybrid format and will take place in person at the Athena Research Center, Aigialias & Chalepa, 15125, Marousi, Greece and online on 30th June 2026 from 9.30 am to 2.00 pm (CEST).
All interested parties are invited to submit comments on the draft Project Plan using the commenting form below, to the Workshop Secretary, Stefan Solé (s.sole@austrian-standards.at), by 7th June, 2026.
Download the documents:
