Product security and privacy

Striving to build products that are secure by design, in use and through partnership.

Policy statement

We value the confidentiality, integrity and availability of all protected health and personally identifiable information (e.g., PHI, PII) in accordance with all applicable federal and state privacy and security laws, including the Health Insurance Portability and Accountability Act. BD has implemented administrative, technical and physical safeguards, to reasonably protect against security incidents or privacy breaches involving a BD product. However, as systems evolve, vulnerabilities may be identified, and we consider you a partner in this process. If you have any concerns, we ask that you bring them to our attention, and we will investigate and address the issue if necessary, including through responsible disclosure of such issues if they exist.

BD is committed to providing secure products to our customers given the important benefits they provide to patient health. Across BD, we continuously strive to improve security and privacy through the product lifecycle using the following practices where appropriate:

  • Privacy and security by design
  • Product and supplier risk assessment
  • Vulnerability and patch management
  • Secure coding practices and analysis
  • Vulnerability scanning and third-party testing
  • Access control to customer data
  • Incident response

BD Product Security Framework

BD Product Security Infographic

The following product security policy and procedure templates for medical technology companies have been provided below in furtherance of our commitment to transparency and collaboration with customers and industry stakeholders.

Product Security Policy Template

Product Security Procedure Template

Product Security Incident Vulnerability Management Plan Template

Product Security White Paper Template

White papers

BD is developing security white papers for each of our software-enabled products. The purpose of these documents is to provide details on how BD security and privacy practices have been applied, what our customers should know about maintaining security and how we are partnering with our customers to ensure security throughout the product lifecycle.

Request a BD product security white paper by filling out this form or contacting your sales representative.

Reporting issues

If you would like to report a potential product-related privacy or security issue (incident, breach or vulnerability), please fill out this Product Security Issue Report Form. If you would like to learn more about our incident and vulnerability management process please refer to our BD Coordinate Vulnerability Disclosure Program.

Partnership program

At BD, we believe industry collaboration is essential to making our products more secure. That is why we strive for security by design, in use and through partnership with stakeholders. Whether our partners are customers managing the security in their own environments, the security research community helping us better research and evaluate emerging threats, or security vendors identifying practical security solutions, we appreciate the opportunity to collaborate. The following are some of the ways we are collaborating:

If you would like to collaborate with BD on product-related privacy or security issue initiatives, contact: [email protected].