Building solutions through collaboration to reduce risk in the U.S. biomedical device network
Welcome to MDISS

We are a collaborative and inclusive nonprofit professional organization committed to advancing quality health care with a focus on the safety and security of medical devices. We serve providers, payers, manufacturers, universities, government agencies, technology companies, individuals, patients, patient advocates and associations. Our mission is to protect public health and well-being by advancing computer risk management practices to ensure wide availability of innovative and safe medical devices.
“These [medical device] infections have the potential to greatly affect the world-class patient care that is expected by our customers. In addition to compromising data and the system, these incidents are also extremely costly to the VA in terms of time and money spent cleansing infected medical devices.” Roger Baker Assistant Secretary for Information and Technology Department of Veterans Affairs
Learn more
Latest public documents

This document contains a framework for improving the safety and reliability of software and firmware in medical devices by using fuzzing. Fuzzing is a testing technique for locating unknown vulnerabilities and other defects by sending malformed and unexpected inputs to software.

(Tuesday, June 26, 2012)


MDISS in the news

Partnerships in Medical Device Trials Conference

MDISS Executive Director, Dr. Dale Nordenberg will be a featured speaker at this event. The Partnerships in Medical Device Trials Conference, is an extension of the Partnerships brand, and will take place June 2-4, 2014 in Chicago, IL

(Monday , June 02, 2014)


HIMSS Announces the 2013 mHealth Summit

MDISS encourages you to attend mHealth Summit! Please join MDISS for the two panels that we will be presenting at mHIMSS this year:

  • Market Driven Design and Adoption of Security for Medical Devices
  • Technical Foundations for Security of Mobile Medical Devices

(Friday , October 04, 2013)


Codenomicon joins MDISS to save lives from faulty medical devices

OULU, FINLAND and SARATOGA, CA, USA, June 26, 2012 -- Codenomicon, the leading vendor of proactive security testing software, has joined the Medical Device Innovation, Safety and Security Consortium (MDISS) to enhance the security in solutions and devices in the healthcare industry.

(Tuesday , June 26, 2012)


HIMSS Announces the 2012 mHealth Summit

CHICAGO (February 16, 2012) - The Healthcare Information and Management Systems Society (HIMSS) announced today that the 2012 mHealth Summit will take place Dec. 3 -5 at the Gaylord National Resort and Convention Center in Washington D.C.

(Sunday , February 12, 2012)


Become a member

Our consortium is focused on optimizing the relationship between the quality of health care and the process of assessing and ensuring that devices and systems are secure and functioning in a safe and efficacious manner.

Learn more
Healthcare news

  • Physicians prefer VistA, so should decision makers

    (Thursday, July 24, 2014)

    Let’s start simply with the results. The questions will come later.

    In their 2014 EHR Report—a survey of 18,575 physicians on their EHR preferences—Medscape concludes that doctors like using the VA’s Computerized Provider Record System (CPRS), the core electronic record in the broader VistA platform, more than any other solution.

    Here’s what they said.

    read more


  • Phil Alexander - Privacy & Security Forum 2014 San Diego

    (Thursday, July 24, 2014)

    Phil Alexander, Information Security Officer at UMC and session panelist at the 2014 Privacy & Security Forum in San Diego, discusses the rise of cyber crime and the importance of personalizing employee education around security.

    Thumbnail: 

    read more


  • Standards key to mHealth success

    (Thursday, July 24, 2014)

    No matter where you go, it seems, someone's talking up mHealth.  But according to two two officials with the Institute of Electrical and Electronics Engineers Standards Association, a healthy wariness is in order. 

    read more


  • Hospital hit with $150K breach fine

    (Thursday, July 24, 2014)

    A Rhode Island hospital, who nearly two years ago notified 14,000 patients of a HIPAA breach involving their data, agreed Wednesday to hand over $150,000 to settle allegations that it failed to safeguard patient information. 
     
    The Women & Infants Hospital of Rhode Island, or WIH, will pay the civil penalty to the Massachusetts Attorney General who slapped the hospital with a lawsuit after discovering 12,127 of those patients were Massachusetts residents.