Medical Device Cybersecurity Maturity Survey

Thank you for taking the time to complete this important survey developed by the Medical Device Innovation Consortium (MDIC)  in collaboration with Healthcare and Public Health Sector Coordinating Council (HSCC), a coalition of private-sector, critical healthcare infrastructure entities in partnership with government.

The Medical Device Innovation Consortium (MDIC) will utilize survey findings to create resources to measure maturity over time and enable industry growth through continuous product security enhancements.

**Please note, all information provided by each company will be kept confidential and withheld from any regulatory or governing bodies. Non-identifiable summaries of the overall findings will be made public as part of the overarching benchmark study.**

The survey encompasses 44 questions each drawn from the Medical Device and Health IT Joint Security Plan’s (JSP) maturity assessment framework, along with basic demographic questions and should take approximately 15-30 minutes to complete (you can save your progress at any time to resume later). Previous or current use of the JSP is not a requirement for participation.

We recommend a Senior-Level Product Security Officer, Risk Manager or Quality Manager complete this survey based on strong working knowledge of the organization’s product portfolio and relative security posture. We also encourage connecting with colleagues across the organization’s lines of business, where relevant, to ensure responses are as comprehensive and accurate as possible. Only one survey per company or organization is meant to be completed and submitted; duplicates will be discarded.

  • All identifiable information provided by survey respondents will be kept confidential, withheld from any regulatory or governing bodies and not shared outside of MDIC.
  • Only non-identifiable, anonymous summaries of the overall findings will be made public as part of the overarching benchmark study.
  • Names of organizations participating in this survey will not be included in any public reports or summaries.
  • Please email if your organization would prefer to initiate an NDA before submitting data for this survey.



View the MDIC Medical Device Cybersecurity Maturity: Industry Benchmarking Report 2022