https://www.johner-institut.de/blog/regulatory-affairs/datensicherheit-und-datenschutz-fuer-diga/
Includes an overview of the regulatory requirements:
- MDR
- DVG
- DiGAV
- BSI 200-1 BSI-Standard 200-1, Information Security Management Systems
- BSI 200-2 BSI-Standard 200-2, IT-Grundschutz Methodology
- BSI TR03161 Security requirements for digital health applications
- ISO 27001:2017
- ISO/IEC 82304-1 Health software – Part 1: General requirements for product safety
- ISO/IEC 82304-2 Health Software – Part 2: Health and wellness apps – Quality and reliability [future – includes a “seal”]
- IEC 8001-5-1 Safety, security and effectiveness in the implementation and use of connected medical devices or connected health software – Part 5-1: Security – Activities in the product lifecycle