During October 2014, a number of press announcements indicated a growing interest by Regulators in the impact that medical devices have upon personal data, and shows an increasing shift in attention on companies in the medical device and medical technology sector.

On the 1st October 2014 the US Food and Drug Administration (FDA) announced that it had finalised recommendations to manufacturers for managing cyber security risks in order to better protect patient health data and information.

In its recent survey about the use of medical devices, the UK Information Commissioner's Office (ICO) has indicated an increase in its attention on similar issues by gathering views on the types of medical devices being used in the UK and how they impact upon the collection and processing of personal data including the need for increased information security.

Conventional medical devices such as pacemakers, and other implanted devices, have for a number of years contained technology that is intended to manage the performance of these devices for the benefit of both the manufacturer and the patient but which raise concerns over the management of patient's personal data. For example, pacemakers may contain RFID chips to enable remote monitoring of the device and the patient but which without suitable controls may lead to infringements of the rights of individuals in respect of their personal data as well as the risk of data security incidents.

Apart from traditional implanted devices there are many m-health applications which are targeted at the management of health information for manufacturers, the medical profession and their patients and such applications are themselves now falling within the definition of medical devices as well as increasing the compliance requirements on manufacturers and providers of those m-health apps.

Reforms in the EU to the Regulations on medical devices have been broadly backed within the last year by the European Parliament and there are detailed drafts of the Regulations for both medical devices as well as in-vitro diagnostic medical devices.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.