Manufacturer Disclosure Statement for Medical Device Security (MDS2)

Understand medical device security risks by using the Manufacturer Disclosure Statement for Medical Device Security (MDS2) in your procurement process.

Originally developed by HIMSS and the American College of Clinical Engineering (ACCE), and then standardized through a joint effort between HIMSS and the National Electrical Manufacturers Association (NEMA), the MDS2 form provides medical device manufacturers with a means for disclosing to healthcare providers the security related features of the medical devices they manufacture. 

The MDS2 form can be used as a tool in an organization’s risk assessment process by providing healthcare entities with the information they need to assess the vulnerabilities and risks associated with protecting the health information created, received, transmitted or maintained by medical devices.

Key benefits of using the standardized MDS2 form include:

  • Providing a comprehensive set of medical device security questions developed through broad stakeholder participation and medical device vendor buy-in
  • Allowing for easy comparison of security features across different devices and different manufacturers
  • Facilitating the review of the large volume of security-related information supplied by the manufacturers

Download a copy of the joint MDS2 form today!

HIMSS Cybersecurity Hub

A new flagship component of the HIMSS Innovation Center, is a public exhibit and education center to help people fully understand their roles, responsibilities and vulnerabilities when it comes to managing and protecting their health information – both personally and professionally. Learn more