1 Scope

1.1 This security evaluation standard applies to the testing of network connectable components of healthcare systems. It applies to, but is not limited to, the following key components:

1. a) Medical devices;

2. b) Accessories to medical devices;

3. c) Medical device data systems;

4. d) In vitro diagnostic devices;

5. e) Health information technology;

6. f) Wellness devices; and

7. g) All software components used for the secure operation of the device, wherever they may reside, including remote assets.

Note – Combinations of the technologies listed here may be applied to such solutions as “telemedicine,” where a single solution may contain both regulated and unregulated components.

Summary of Topics

This revision for ANSI/CAN/UL 2900-2-1, dated September 21, 2023, includes the following changes in requirements:

– Updates to UL 2900-2-1 Based on Changes to UL 2900-1; 12.1.3, 12.2.1, 12.4.3.3, Section 13, Section 13A, 16.12, 17.1, Section 18, 19.2, 19.3, 20.4.1 and Annex A