The Radiometer Group will not engage in legal action against individuals who in good faith submit vulnerability reports in accordance with our coordinated vulnerability disclosure process. We openly accept reports for the currently supported products and services from individuals who
- Engage in testing our products and/or research without harming Radiometer or its customers
- Engage in vulnerability testing within the scope of our vulnerability disclosure program and avoid testing against products and/or services being actively used for patient care delivery, diagnostics or monitoring
Radiometer considers it a key priority to provide safe products and services including protecting personal information. Therefore, when conducting your security research, please avoid actions that could cause harm to patients or products. Note that vulnerability testing could negatively impact a product. As such, testing should not be conducted on active products in a clinical setting, and products subjected to security testing should not subsequently be used in a clinical setting. If there is any doubt, please contact a Radiometer representative.
Radiometer reserves the right to modify its coordinated vulnerability disclosure process at any time, without notice, and to make exceptions to it on a case-by-case basis. No particular level of response is guaranteed. However, if a vulnerability is verified, we will attribute recognition to the researcher reporting it, if requested.
CAUTION: Do not include sensitive information (e.g., sample information, PHI, PII, etc.) in any documents submitted to Radiometer. Comply with all laws and regulations in the course of your testing activities.
Note: When sharing any information with Radiometer, you agree that the information you submit will be considered non-proprietary and non-confidential and that Radiometer is allowed to use such information in any manner, in whole or in part, without any restriction.