The topic of cybersecurity vulnerability disclosure is arguably one of the most active and often quite contentious. While there is general agreement that it is important to pursue the discovery of cybersecurity vulnerabilities, there is far less agreement on what is considered responsible use of the information once discovered. The ever-increasing use of communication technologies in medical devices and systems has led to devices that face many of the same vulnerabilities found in any other industry. While the security world has been able to draw some parallels between the health care industry and other industries, there are some key differences. This session will explore some of these key differences, and how these differences potentially affect the way in which vulnerability disclosure should be handled.