On 16 October 2024, the Cybersecurity Labelling Scheme for Medical Devices (CLS [MD]) was officially launched, following a successful development by collaboration between the Cyber Security Agency of Singapore (CSA), the Ministry of Health (MOH), Health Science Authority (HSA), and Synapxe. CLS (MD) has undergone the sandbox phase for 9 months, from October 2023 until July 2024, with the participation of a total of 47 applications across all four levels from 19 medical device manufacturers. All requirements and processes in this scheme have been refined based on the collected feedback during the phase.
Before entering the Singapore market, medical devices must be registered with the HSA and comply with regulatory requirements, including cybersecurity measures, before they can be imported, distributed, or sold locally. With the growing connectivity of medical devices to hospital and home networks, authorities have reinforced cybersecurity by introducing the CLS(MD). This initiative encourages manufacturers to adopt a security-by-design approach, enhancing device security and safeguarding public health.
The scheme consists of 4 levels, with each level indicating progressively rigorous testing and assessment that the medical devices have undergone.
Medical devices included under the CLS(MD) are outlined in the First Schedule of the Singapore Health Products Act. These devices are designed to manage personally identifiable information, clinical data, or have connectivity capabilities with other devices, systems, or services. Applications for the CLS(MD) can now be submitted through the GoBusiness platform.
Comments