top of page

EMERGO by UL to collaborate with MedCrypt for medical device cybersecurity

The mutual referral agreement will help medical device manufacturers meet the FDA's post-market cybersecurity guidelines

EMERGO by UL, a global medical device and healthcare technology consultancy, and proactive healthcare cybersecurity developer MedCrypt today announce an alliance that offers comprehensive cybersecurity regulatory affairs, quality management, and technical solutions for medical device manufacturers. The companies' collaboration will help manufacturers address requirements from the U.S. Food and Drug Administration (FDA) as well as other market regulators for cybersecurity risk management and mitigation capabilities of connected medical devices and systems.

In 2018, the FDA released its pre-and post-market guidelines that outline issues manufacturers need to consider in the design and development of their medical devices to ensure cybersecurity vulnerabilities are adequately addressed. The post- market guidance outlines a risk-based framework to ensure manufacturers could quickly respond to new threats once a device is in use. Under this new mutual referral agreement formed by EMERGO by UL and MedCrypt, the two companies will refer prospective clients to one another and co-market their cybersecurity software solutions, consulting, and risk management services to ensure clients understand and meet the FDA's requirements.

"While the healthcare industry has made significant strides when it comes to cybersecurity, the increase in targeted attacks in the last year alone shows us there is still significant work to be done to make security a top priority," said Mike Kijewski, MedCrypt's CEO. "Healthcare companies and vendors are challenged with determining how to continue to innovate and deliver clinical therapies, but doing so while being secure. This collaboration with EMERGO by UL provides our combined networks of customers with a wider set of services that together ensure security is designed into a device throughout its entire life cycle, which is the best bet we have at moving the needle for better healthcare security."

Since late 2009, The U.S. Department of Health and Human Services (HHS) has required the reporting of data breaches that affect more than 500 patients. The data since then shows a year-over-year increase of reported breach incidents by 23% with hacking incidents now accounting for 2/3 of reported breaches. Additionally, medical device vulnerabilities that are reported regularly by ICS-CERT notes a 109% year over year increase of newly disclosed vulnerabilities.

MedCrypt currently provides enhanced security features for medical products produced by Accuray, Liberate Medical, RefleXion, and more.

About MedCrypt MedCrypt is a San Diego-based company that provides proactive security for healthcare technology. MedCrypt's platform brings core cybersecurity features to medical devices with just a few lines of code, ensuring devices are secure by design. MedCrypt has raised a total of $9.4 million in funding with participation from Eniac Ventures, Section 32, Y Combinator, and more. The company is based in San Diego, California.

For more, please visit

Brenda Manea BAM


Related Links

bottom of page