Lexology December 18, 2025
The combination of surgical and medical devices with AI is complex because regulations for this technology exist in different buckets, not in one comprehensive rulebook. These buckets include healthcare privacy/security, cybersecurity, device safety, product compliance, etc. Knowing the various regulation types and why each is relevant is essential when managing risk.
Healthcare privacy and security regulations: This is the starting point. In the United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the HIPAA Security Rule are the regulations that spell out expectations around the management and protection of electronic protected health information (PHI). While not directly a medical device regulation, HIPAA covers medical devices any time PHI is created, stored, transmitted, or integrated with...







