17th October 2024 is the deadline for EU member states to implement the EU Directive 2022/2555 EUR-Lex – 02022L2555-20221227 – EN – EUR-Lex (europa.eu) on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) 910/214 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive).
NIS 2 widens the scope of services covered by the legislation compared to the original NIS legislation. The healthcare sector including Medical Device and In Vitro Diagnostic manufacturers are in scope.
Note that the new requirements also apply to some organisations outside of the EU, providing services within the EU.
