Length: 2 Days
Print Friendly, PDF & Email

AAMI TIR97:2019 – Principles for Medical Device Security: Postmarket Risk Management for Device Manufacturers Training by Tonex

This course explores the principles outlined in AAMI TIR97:2019, focusing on managing cybersecurity risks for medical devices in the postmarket phase. Participants will learn practical strategies for identifying, mitigating, and responding to cybersecurity threats, ensuring compliance with regulatory expectations, and maintaining device security throughout its lifecycle.

Learning Objectives

By the end of this course, participants will be able to:

  • Understand the principles and application of AAMI TIR97:2019.
  • Identify and assess cybersecurity risks in the postmarket phase of medical devices.
  • Implement mitigation strategies to address identified vulnerabilities.
  • Develop and maintain incident response plans for medical device security events.
  • Align postmarket cybersecurity practices with regulatory and industry standards.
  • Establish continuous monitoring and improvement processes for device security.
  • Communicate effectively with stakeholders regarding postmarket cybersecurity risks and solutions.

Audience

This course is ideal for:

  • Medical Device Manufacturers: Professionals responsible for device design, manufacturing, and postmarket activities.
  • Cybersecurity Specialists: Experts involved in protecting medical devices from cyber threats.
  • Regulatory Affairs Professionals: Individuals managing compliance with FDA, ISO, and other regulations.
  • Quality Assurance (QA) Managers: Those ensuring medical device quality and security throughout its lifecycle.
  • Risk Management Teams: Professionals analyzing and mitigating cybersecurity risks for deployed devices.
  • Healthcare IT and Security Professionals: Stakeholders supporting secure deployment and integration of medical devices.

Course Modules:

Day 1: Foundations of Postmarket Cybersecurity

Module 1: Introduction to AAMI TIR97:2019

  • Purpose and scope of AAMI TIR97:2019
  • Importance of postmarket cybersecurity in medical devices
  • Key definitions and concepts in postmarket risk management

Module 2: Cybersecurity Threats in Medical Devices

  • Types of cybersecurity threats targeting medical devices
  • Real-world examples of postmarket vulnerabilities and attacks
  • Emerging trends in cybersecurity threats

Module 3: Postmarket Risk Management Framework

  • Overview of risk management principles in TIR97:2019
  • Integration with ISO 14971 and FDA guidance on postmarket cybersecurity
  • Tools for evaluating and managing risks after market release

Module 4: Security Risk Assessment in the Postmarket Phase

  • Conducting vulnerability assessments for deployed devices
  • Identifying critical cybersecurity risks and their potential impact
  • Case Study: Analyzing postmarket risks for a medical device

Day 1 Workshop:

  • Participants will work in groups to identify vulnerabilities in a hypothetical medical device, assess the associated risks, and propose mitigation strategies based on AAMI TIR97:2019.

Day 2: Implementing and Maintaining Postmarket Security

Module 5: Mitigation Strategies for Identified Risks

  • Practical approaches to addressing postmarket vulnerabilities
  • Developing and implementing patches, updates, and mitigations
  • Risk communication with stakeholders, including users and regulators

Module 6: Cybersecurity Incident Response Planning

  • Building an effective postmarket incident response plan
  • Monitoring, detecting, and responding to cybersecurity events
  • Coordination with regulatory bodies and external stakeholders

Module 7: Lifecycle Management for Device Security

  • Continuous monitoring and maintenance of medical device security
  • Leveraging lessons learned for future device designs
  • Importance of stakeholder engagement and feedback loops

Module 8: Workshop and Certification

  • Simulation: Develop a postmarket risk management plan for a medical device, including mitigation strategies, communication plans, and incident response.
  • Feedback and debrief on workshop results.

Certificate of Completion for the AAMI TIR97:2019 course

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.