I'd love to hear about experiences with implementing standards and guidance for product cybersecurity, specifically for software as a medical device, please!
My company's processes around this are in need of better organisation and maturity, but there seem to be many,
many potentially applicable standards and guidances. Our devices (one of which is FDA and MDR cleared) are part premise-hosted, part cloud-based, although at present, no personal identifiable data sent between them.
Any advice the RAPS hive mind has on selecting the most relevant/useful standards and guidances for our devices would be gratefully received!
------------------------------
David Arrowsmith
Oxford
United Kingdom
------------------------------