Industry Focus

The healthcare industry is changing and we have the breadth of expertise to help you evolve with it.

Overview
Doctor listening to baby's heart
Next
Previous
Services

Comprehensive service offerings at every point in the product life cycle.

Overview
RAMS®

A platform of digital products to improve, simplify and automate RA/QA activities

Learn more
OPUS™

Emergo by UL's new human factors tool - provides training, tools, and resources.

Learn more
Software

Our software tools offer digital regulatory monitoring for medical device compliance and access to human factors engineering tools.

Overview
News

The latest industry news and insights from our global team.

View all
RADAR : Market Access Newsletter

Stay informed with the most read RA/QA medical device newsletter.

Sign up
TalkingPoints : Human Factors Newsletter

TalkingPoints is a round-up of news, insights, and resources about human factors and usability for medical devices, IVDs, combination products, and more.

Sign up
Resources

Information and tools to advance your business.

View all
Events

Learn from our experts through live events.

View all
Doctor sitting at a desk taking notes from a labtop
Next
Previous
About

Our global consulting team works from 20+ offices on six continents.

Overview
global representation of the Earth
Next
Previous
Switch Language
Two coworkers speaking in a glass conference room

Privacy Security Consulting for Medical Device, IVD Companies

Secure data management to meet HIPAA, GDPR requirements for regulatory compliance

Contact us
Person looking at data on their phone

Data privacy consulting services

Emergo by UL's data privacy team has extensive experience in helping medical device and in-vitro diagnostic manufacturers navigate patient privacy regulatory requirements for global markets. We have in-depth expertise with US and European data privacy requirements and can help you address manufacturer needs for a range of connected devices, including:

  • Medical Devices and accessories
  • In-vitro Diagnostic (IVD) medical devices and accessories
  • Medical Device Data Systems (MDDS)
  • Internet of Medical Things (IoMT) devices
  • Wellness Devices
  • Software as a medical device (SaMD)
Data Privacy & Security Consulting
Learn how we can help you meet the growing risk management, regulatory, and market demands of the digital health space.
Technician in a lab reviewing notes

HIPAA and GDPR Overview
Person standing at a desk looking at documents

HIPAA Regulations
Three people looking at a laptop at work

6 Key Principles of GDPR

Services

Governance and Strategy

  • Implement strategies that fit risk profiles and appetites and enable trusted engagements with customers using privacy and cyber security governance frameworks.
  • Privacy or Cyber Information Security Officer as a Service (CISOaaS or POaaS): Providing on-demand key management roles giving immediate access to an experienced and credentialed team.
  • Privacy and Cybersecurity Assessments: Evaluation of organizational practices, procedures, controls, and systems, providing compliant and practical solutions to promote consumer and regulatory confidence.
  • Vendor Management and Third-Party Risk Assessments: Assessment and Continuous Management of Vendors utilizing standards (ISO 27XXX or NIST) to improve your privacy and security posture.

Design and Deployment

Engaging with developers, designers, engineers, and management to include PbD or SbD frameworks into products and services from the start.

  • Privacy by Design (PbD): Embed PbD on service/product realization lifecycle to deploy products and services capable of meeting privacy expectations.
  • Privacy Impact Assessments: Structured evaluation and corresponding privacy impact of new technologies, products, and services on the management of protected information.
  • Security by Design (SbD): Actionable SbD implementation in products and services.

World-class companies would never accept less than best-in-class regulatory and quality services. That’s why Emergo applies the same ethos and rigor to that deployment of privacy and security services, helping companies address compliance with global security and privacy requirements.

Privacy, data protection and security laws are rapidly evolving in the United States and across the world. In the US, in addition to federally enacted legislation, there are hundreds of state-specific security and privacy laws. In the European Union, with the adoption of GDPR, there is a structured and comprehensive approach. Other countries have mimicked the Europe’s GDPR in their privacy approach. Brazil’s Lei Geral de Proteçao de Dados (LGPD) was modeled directly after GDPR and is nearly identical in terms of scope and applicability, with less harsh financial penalties for non-compliance. Australia or South Korea's Personal Information Protection Act, which includes many GDPR-like provisions such as requirements for gaining consent, the scope of applicable data, appointment of a Chief Privacy Officer, and limitation and justification of data retention periods.

X

Request information from our specialists

Thanks for your interest in our products and services. Let's collect some information so we can connect you with the right person.