Secure Medical Device Procurement


Instructors: Nick Sikorski, Phil Englert
Product ID: 706003
Training Level: Basic

  • Duration: 60 Min
This Medical Device Security webinar will focus on industry leading practices to assist healthcare delivery organizations (HDOs) with the integration of security into medical device procurement to inform procurement decisions, contractual requirements, and compensating controls. Also attendees will learn the required steps involved in the procurement process, some of which include vendor-level and product-level assessments, contractual requirements, and publicly available resources to assist with standardization.
Last Recorded Date: May-2019


1 Person Unlimited viewing for 6 month info Recorded Link and Ref. material will be available in My CO Section
(For multiple locations contact Customer Care)

Downloadable file is for usage in one location only. info Downloadable link along with the materials will be emailed within 2 business days
(For multiple locations contact Customer Care)



Customer Care

Fax: +1-650-362-2367

Email: [email protected]

Read Frequently Asked Questions

Why Should You Attend:

Medical device security risk has become an executive management issue, requiring commitment and funding to develop proactive procurement processes and controls to decrease the risks of potential harm to patients and threats to hospital networks. Incorporating a new and consistent approach for procuring connected medical devices and gaining visibility into their risk is critical in identifying and addressing risks to safety, security, and privacy.

For many healthcare delivery organizations, security is an afterthought when procuring medical devices and is the responsibility of healthcare technology management and information technology to secure the devices when put into the healthcare delivery organization environment. Many of those who do include security within procurement have proprietary questionnaires that are unique to each individual healthcare delivery organization.

Considerations offered and discussed will be related to how to integrate security into device procurement and take a risk-based approach to acquiring and fielding devices based on specifications, published guidance, and insights from industry leading practices.

Areas Covered in the Webinar:

  1. Medical device security landscape
  2. Medical device manufacturer leading practices
  3. Overview of security integration with device procurement
  4. Vendor-level assessment approach and available resources
  5. Device-level assessment approach and available resources
  6. Security questionnaire
  7. Security risk assessment
  8. Technical security testing
  9. Inclusion of security into contractual terms and available resources

Who Will Benefit:

  • CIO
  • CISO
  • Healthcare Technology Management (HTM)
  • Clinical Engineering
  • Information Technology
  • Procurement
  • Medical Device Manufacturer Product Security
Instructor Profile:
Nick Sikorski

Nick Sikorski
Manager, Deloitte & Touche LLP

Nick Sikorski, Manager, Deloitte & Touche LLP

  • Global Strategy and Solutions Leader for Deloitte & Touche’s Product Safety and Security practice responsible for securing connected products across various industries
  • Primarily works with Medical Device Manufacturers and Healthcare Providers designing, developing, and implementing enterprise level Product Security Programs
  • Extensive experience assisting product manufacturers and consumer organizations with the securing of their connected products throughout the product lifecycle
  • With product manufacturers, Nick has worked to implement security and privacy by design practices and to conduct postmarket patch and vulnerability management
  • With consumer organizations (e.g., healthcare providers), Nick has worked to integrate security into product procurement and to implement asset management, vulnerability monitoring, and risk management practices
  • Beyond consulting, Nick is active across the life sciences and health care industry through his work on the Association for the Advancement of Medical Instrumentation’s (AAMI) medical device security workgroup
  • Nick received a B.S. degree in Civil Engineering from the University of Notre Dame and holds Certified Information Systems Security Professional (CISSP) and Certified Secure Software Lifecycle Professional (CSSLP) credentials
Instructor Profile:
Phil Englert

Phil Englert
Specialist Leader, Deloitte & Touche LLP

Phil Englert, Specialist Leader, Deloitte & Touche LLP

  • Over 23 years of operational leadership for a large healthcare system
  • While primarily focused on leading strategy, operations, and security for healthcare technology management, additional responsibilities included leading the enterprise business resilience effort, and key roles in IT security governance, incident response, and IT security standards
  • Provided active governance and oversight roles for data privacy, protection, and enterprise response to data related incidents, which included incident analysis, responses based on impacted data sets and exploit vectors and governance requirements
  • Provided key leadership in the development and delivery of a cooperative and integrated Clinical Engineering, IT Security, Legal, and Corporate Responsibility effort enabling a comprehensive medical device security program and ensured sustaining the mission in a cyber-hostile environment
  • Technical and management experience with manufacturing and third party service organizations and has lead strategy, operations, and security for healthcare delivery vertical
  • Lead multidisciplinary teams to assess and address medical device security, developed operational and quality benchmarking programs, and created and delivered successful life cycle management strategies
  • A key leader in strategy and tactics development for $250M multifunctional services organization supporting over 100 Acute Care facilities in 20 states
  • Championed the First Initiatives extended warranty program, resulting in more than $20M savings
  • Fostered key vendor relationships & negotiated master agreement terms that altered service delivery across the industry
  • Developed collaborative and flexible partnerships enabling optimal engagement in an evolving market
Follow us :



Refund Policy

Our refund policy is governed by individual products and services refund policy mentioned against each of offerings. However in absence of specific refund policy of an offering below refund policy will be effective.
Registrants may cancel up to two working days prior to the course start date and will receive a letter of credit to be used towards a future course up to one year from date of issuance. ComplianceOnline would process/provide refund if the Live Webinar has been cancelled. The attendee could choose between the recorded version of the webinar or refund for any cancelled webinar. Refunds will not be given to participants who do not show up for the webinar. On-Demand Recordings can be requested in exchange. Webinar may be cancelled due to lack of enrolment or unavoidable factors. Registrants will be notified 24hours in advance if a cancellation occurs. Substitutions can happen any time. On-Demand Recording purchases will not be refunded as it is available for immediate streaming. However if you are not able to view the webinar or you have any concern about the content of the webinar please contact us at below email or by call mentioning your feedback for resolution of the matter. We respect feedback/opinions of our customers which enables us to improve our products and services. To contact us please email [email protected] call +1-888-717-2436 (Toll Free).




6201 America Center Drive Suite 240, San Jose, CA 95002, USA

Follow Us

facebook twitter linkedin youtube


Copyright © 2023 MetricStream
Our Policies: Terms of use | Privacy

PAYMENT METHOD: 100% Secure Transaction

payment method