October 30, 2018 – Burlingame, CA – Diabetes Technology Society today announced that the first FDA Cleared insulin pump has received certification under the Diabetes Technology Society’s “Standard for Wireless Diabetes Device Security” cybersecurity assurance standard and program, known as DTSec. This distinction goes to Insulet Corporation’s Omnipod DASH™ Insulin Management System. https://www.diabetestechnology.org/dtsec/omnipod-dash-dtsec-certificate.pdf
DTSec is the first consensus cybersecurity standard for connected diabetes devices with input from academia, industry, government, and clinical centers of excellence. Established by DTS in 2016, the goal of DTSec is to raise confidence in the security of connected medical devices through independent expert security evaluation. https://www.diabetestechnology.org/dtsec.shtml
DTSec leverages ISO/IEC 15408 to provide a framework for risk-based, multi-stakeholder definition of security requirements in the form of DTSec-published Protection Profiles (PPs) and product-specific Security Targets (STs), derived from the PP. DTSec-approved labs evaluate the products against the prescribed security requirements. DTSec certifications provide users of connected diabetes devices with confidence that the products include the security protections claimed by its developers. Insulet Corporation’s Omnipod DASH™ System was evaluated by TUV Rheinland, a DTSec-approved security testing lab.
According to Dr. David Klonoff, Clinical Professor of Medicine at UCSF and Chair of the DTSec steering committee, “Certification per the DTSec Standard demonstrates a commitment to cybersecurity by the manufacturer of this connected wireless insulin pump system. The Omnipod DASH™ System is part of the Internet of Medical Things and is the first insulin pump system to be DTSec-certified. Diabetes Technology Society commends Insulet Corporation’s dedication to improved safety and security demonstrated by achieving this important milestone.”
According to Dr. Aiman Abdel-Malek, Executive Vice President & Chief Technology Officer at Insulet, “We are highly supportive of DTS’ efforts in pushing commercial best practice guidance for cybersecurity in the connected medical device systems space. We are committed to remaining at the forefront of best-in-class standards for security to ensure patients’ safety and privacy.”