AMAR / MoH

Israel — AMAR / MoH

MandatoryLast updated · 2024 (MoH cybersecurity circular refresh)Verified · 2026-05-28

Medical Devices Law 5772-2012 + MoH Cybersecurity Circular

Authority

Medical Devices Division (AMAR), Israeli Ministry of Health

Enforced

2019 (cybersecurity circular)

Legal framework

Medical Devices Law + MoH Director-General Circulars + INCD guidance

FDA package reuse

~90%

Editorial estimate · how →

Scope

All medical devices marketed in Israel; reference jurisdiction model accepts FDA, CE, Health Canada, TGA, PMDA approvals.

Pre-market

Cybersecurity risk management dossier, threat model, evidence of secure SDLC, alignment to FDA/IMDRF accepted.

Post-market

Adverse-event and cyber-incident reporting to MoH; coordination with INCD for critical infrastructure.

SBOM

Recommended

Strongly encouraged; aligned to FDA expectations for dual-market devices.

Vulnerability disclosure

INCD (Israel National Cyber Directorate) coordinated disclosure recommended.

Penalty

Registration suspension, recall orders, criminal liability under Medical Devices Law.

Unique requirements

01Israeli Registration Holder required
02Hebrew labelling for end users
03INCD critical-infrastructure notifications for hospital systems

Highlights

Reference-jurisdiction abridged route
INCD overlay for hospital-deployed devices
Strong alignment to FDA SPDF

Aligns with

FDA 2023 Guidance IMDRF N60 IEC 81001-5-1

Timeline

2012

Medical Devices Law enacted
2019

MoH cybersecurity circular issued
2023

Updated alignment with FDA / IMDRF

Key documents

Israeli MoH Medical Devices Division

https://www.health.gov.il/English/MinistryUnits/HealthDivision/MedicalTechnologies/Pages/default.aspx

INCD Guidance Library

https://www.gov.il/en/departments/israel_national_cyber_directorate

Related markets

Canada

~95% FDA reuse

United Arab Emirates

~85% FDA reuse

United States

~100% FDA reuse

Japan

~70% FDA reuse

Frequently asked about Israel

Is SBOM required for medical devices in Israel?

Recommended. Strongly encouraged; aligned to FDA expectations for dual-market devices.

What does AMAR / MoH require for pre-market cybersecurity?

Cybersecurity risk management dossier, threat model, evidence of secure SDLC, alignment to FDA/IMDRF accepted.

What are the post-market cybersecurity obligations under AMAR / MoH?

Adverse-event and cyber-incident reporting to MoH; coordination with INCD for critical infrastructure.

What is the penalty for non-compliance with AMAR / MoH cybersecurity rules?

Registration suspension, recall orders, criminal liability under Medical Devices Law.

How much of my FDA cybersecurity package is reusable in Israel?

Roughly 90% — an editorial estimate based on overlapping evidence requirements (threat model, SBOM, security risk assessment, pen-test report).