The new ”NIS2” entered into force earlier this month with the aim to improve cybersecurity across sectors in the EU, in which medical device and IVD manufacturers are listed as a critical sector (Annex II, §5b).
DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL .of 14 December 2022
on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive)
DEADLINE: By 17 October 2024, Member States must adopt and publish national requirements which will apply from -18 October 2024-.