Security and Privacy Assessment for Medical Technical Devices: A Playbook for Evaluating Cybersecurity and Privacy

This thesis presents a detailed assessment methodology for medical devices that use Bluetooth connectivity, incorporating both technical and privacy considerations. The framework, referred to as the playbook, provides a practical guide for Sykehuspartner to better evaluate and mitigate cybersecurity risks before procuring new medical technical equipment connected to applications with Bluetooth. The evaluation of privacy and Application Programming Interface (API) security in the procurement process of medical technical equipment is addressed in the research. The study introduces a playbook divided into four sections: network traffic, Bluetooth security, terms/conditions of use, and token se…