MedTech Terms
    The authoritative reference
    Compare

    Two terms, side by side

    Pick any two terms to see definitions, context, pitfalls, and sources in parallel.

    Cybersecurity

    Medhacking

    In one line
    Umbrella term for hacking activity directed at medical devices, ranging from criminal attack to coordinated security research and patient-led modification.
    Definition
    Medhacking is an informal umbrella term for hacking activity directed at medical devices and clinical systems. It covers three overlapping populations: (1) malicious actors attacking devices to harm patients, extort hospitals, or pivot into healthcare networks (overlapping with medjacking); (2) security researchers performing coordinated vulnerability disclosure under programs aligned with the FDA-recognized ISO/IEC 29147 and 30111 standards; and (3) patient and DIY communities modifying their own devices for clinical benefit - most visibly the #WeAreNotWaiting movement that built open-source automated insulin delivery systems (OpenAPS, Loop, AndroidAPS) on top of commercial insulin pumps and CGMs. The term is not a regulatory category; it is a shorthand the press, conference circuit (DEF CON Biohacking Village), and patient communities use to describe the broader phenomenon of technical intervention into medical devices outside the manufacturer's intended pathway.
    Why it matters
    For manufacturers, the practical implication is to plan for all three populations: a hardened device, a published coordinated vulnerability disclosure policy and security.txt, an active relationship with the security research community (Biohacking Village, ICS-CERT, MDIC), and clear labeling and human-factors design that anticipate motivated patient modification - especially in chronic-disease devices like insulin pumps and CGMs.
    Common pitfalls
    • Treating all medhackers as adversaries and lacking a coordinated vulnerability disclosure channel.
    • Threatening security researchers with legal action instead of triaging their findings - a known reputational disaster in MedTech.
    • Ignoring patient-driven modification trends until they become a safety communication.
    • Conflating medhacking, medjacking, and brainjacking in internal risk documentation - regulators expect precise language.

    Why compare MedTech terms side by side?

    MedTech terminology is full of pairs that look interchangeable but carry very different regulatory, clinical, and commercial consequences. Picking the wrong framework, pathway, or standard early in a project can add months to a submission, invalidate clinical evidence, or trigger an audit finding. Side-by-side comparison is the fastest way to surface those differences before they become costly mistakes.

    Each comparison on this page pulls from the same vendor-neutral, sourced definitions used throughout the MedTech Terms glossary. You see the one-line summary, the formal definition, why it matters in practice, common pitfalls, and the primary sources (FDA guidance, EU MDR/IVDR articles, ISO/IEC standards, MDCG documents, IMDRF principles) that back each entry. That makes the comparison defensible in regulatory strategy memos, design reviews, and submission narratives.

    How to use this tool

    Pick term A and term B from the dropdowns, or click a preset above. The URL updates with both slugs so you can bookmark or share the exact comparison with a colleague, a notified body reviewer, or your regulatory consultant. Click Open full page on either side for the complete entry, including FAQs, related terms, and the full citation list. If you are not sure which term to start with, browse the Categories view or the A-Z index.

    MedTech Terms is a vendor-neutral community resource sponsored by Blue Goat Cyber. Definitions are written for educational use and are not legal or regulatory advice.