×

Natus Trust Center

Natus Product Security Program

Evolving product security for evolving threats.

At Natus, we take our responsibility to patient safety and digital security seriously.

We believe that a strong and robust product security program for cybersecurity is essential to ensure that our medical devices are safe and effective throughout their entire lifecycle.
We understand the potential risks that cybersecurity threats can pose to our devices and recognize that these threats are constantly evolving.

Natus is committed to continuously evolving our product security program to keep up with the ever-evolving threat landscape.

IT Security

Our approach is based on a risk-based framework that enables us to identify and prioritize potential risks based on their likelihood and impact.

This framework guides our development and testing processes, and we continuously monitor and evaluate our devices throughout their lifecycle to ensure that they remain secure. Our program is designed to ensure that security is considered from the concept phase of our devices, all the way through to end-of-life disposal.

IT Professional

Natus continues to implement reasonable administrative, technical, and physical safeguards to help protect against security incidents and data breaches involving a Natus product, provided those products are used in accordance with the product’s instructions for use and applicable product security white papers for the intended use environment. However, as systems and threats evolve, no system can be protected against all vulnerabilities, and we consider our customers the most important partner in maintaining security and privacy safeguards. If you have any concerns, we ask that you bring them to our attention, and we will investigate. Where appropriate, we will address the issue with product changes, product security bulletins, product security advisories, and/or responsible disclosures to customers and regulators.

 

Natus continuously strives to improve security throughout the product lifecycle using practices such as:

  • Secure by design and security retrofit
  • Product security risk management
  • Security controls appropriate to data types
  • Secure coding and system hardening industry standards
  • Robustness testing, vulnerability scanning and third-party testing
  • Incident response and vulnerability management
  • Timely updates and patch management
  • Transparent customer communication

 

Our commitment to building a strong and robust product security program for cybersecurity is a fundamental part of our mission to deliver safe and effective medical devices to patients.

Security Bulletins & Disclosures