Is the software imbedded in your medical equipment vulnerable to a cyber attack? Equipment running older software is much more vulnerable to cyberattack. Older software may be imbedded in medical devices and may require regular updates. Find out if it is possible? Whose responsibility, is it? Often the warranties have run out and the manufacturer says it is the client’s responsibility. Updating software may not part of routine maintenance.
Do you check? Who would check? IT? Procurement? Quality and Regulatory? Is there a maintenance program in place? Who ensures that it is followed?
If you do not know the answers to these questions it is time to find out.