Approaching Cybersecurity & Usability as a SaMD Company

Artwork for podcast Global Medical Device Podcast powered by Greenlight Guru

Episode 264 • 27th May 2022 • Global Medical Device Podcast powered by Greenlight Guru • Greenlight Guru + Medical Device Entrepreneurs

How do you balance security and usability of software as a medical device (SaMD)? It’s not easy and trade-offs may need to be made by device companies in order to give users what they want and need to safely use it as intended.

In this episode of the Global Medical Device Podcast Etienne Nichols talks to Abbas Dhilawala, a cybersecurity and SaMD expert with Galen Data, about a new approach to cybersecurity and usability for SaMD companies to ensure products are both secure and user-friendly.

Abbas has 18 years of experience developing enterprise-grade software for the medical device industry and is well-versed with technology, industry standards, and the privacy of data.

Some of the highlights of this episode include:

Usability and human factors testing standards exist. However, there’s no standard approach to follow for cybersecurity. Abbas’s approach is to obtain user feedback as soon as possible for SaMD to still be secure and user-friendly.
Different kinds of users in the healthcare spectrum can be trained to use SaMD, including hospital staff and patients - depending on their level of trust and understanding of technology.
Potential Pitfalls: Classification and credential layers, such as permissions and passwords, can put the security burden on the users but leads to the need for risk assessment/management for possible harm.
Biometrics: Cutting-edge technology, such as fingerprint, eye, and face scanning is not as secure, reliable, or consistent, but it’s getting better. Always have a backup plan.
Key Takeaway: There’s a lot of push on cybersecurity, but don’t take away the convenience or the usability aspect. Find a way to balance both usability and cybersecurity.