The Johner Institute has in collaboration with TÜV SÜD, TÜV Nord and Dr. Heidenreich (Siemens) compiled an excellent set of Medical Device IT Security Process and Product requirements.
The entire guideline is available in the GitHub-Repository „IT Security Guideline“ (https://github.com/johner-institut/it-security-guideline/).
This extension contains the 50 Product IT Security Requirements, which make up the second part of the guideline.