We use cookies to understand how you use our site and to improve your experience. This includes personalizing content and advertising. To learn more, click here. By continuing to use our site, you accept our use of cookies. Cookie Policy.

Features Partner Sites Information LinkXpress
Sign In
Advertise with Us

Download Mobile App




FDA Issues Cybersecurity Recommendations for Medical Device Manufacturers

By HospiMedica International staff writers
Posted on 02 Feb 2016
Print article
The US Food and Drug Administration (FDA; Silver Spring, MD, USA) has issued a draft guidance outlining important steps medical device manufacturers should take to address cybersecurity risks.

According to the FDA, cybersecurity threats to medical devices are a growing concern, and exploitation of cybersecurity vulnerabilities presents a potential risk to the safety and effectiveness of such devices. While manufacturers can incorporate controls in the design of a product to help prevent these risks, they must also consider improvements during maintenance of devices, since the evolving nature of cyber threats means risks may arise throughout a device’s entire lifecycle. A structured and systematic comprehensive approach that responds in a timely fashion to identified vulnerabilities is thus recommended.

For the majority of cases, actions taken by manufacturers to address cybersecurity vulnerabilities and exploits should include routine updates or patches, for which no advanced notification, additional premarket review, or reporting under FDA regulations is required. For a small subset of cybersecurity vulnerabilities and exploits that may compromise essential clinical performance of a device and present a reasonable probability of serious adverse health consequences or death, the FDA would require medical device manufacturers to notify the agency.

In cases where the vulnerability is quickly addressed in a way that sufficiently reduces the risk of harm to patients, the FDA does not intend to enforce urgent reporting of the vulnerability to the agency, if certain conditions are met. These include no serious adverse events or deaths associated with the vulnerability; that within 30 days of learning of the vulnerability, the manufacturer notifies users and implements changes that reduce the risk to an acceptable level; and that the manufacturer reports the vulnerability, its assessment, and remediation to its Information Sharing Analysis Organization (ISAO).

“All medical devices that use software and are connected to hospital and health care organizations’ networks have vulnerabilities; some we can proactively protect against, while others require vigilant monitoring and timely remediation,” said Suzanne Schwartz, MD, MBA, associate director for science and strategic partnerships and acting director of emergency preparedness/operations and medical countermeasures in the FDA’s Center for Devices and Radiological Health (CDRH).

“The FDA is encouraging medical device manufacturers to take a proactive approach to cybersecurity management of their medical devices. Only when we work collaboratively and openly in a trusted environment, will we be able to best protect patient safety and stay ahead of cybersecurity threats,” continued Dr. Schwartz. “Today’s draft guidance will build on the FDA’s existing efforts to safeguard patients from cyber threats, by recommending medical device manufacturers continue to monitor and address cybersecurity issues while their product is on the market.”

Related Links:

US Food and Drug Administration


Gold Member
STI Test
Vivalytic Sexually Transmitted Infection (STI) Array
Gold Member
SARS‑CoV‑2/Flu A/Flu B/RSV Sample-To-Answer Test
SARS‑CoV‑2/Flu A/Flu B/RSV Cartridge (CE-IVD)
Silver Member
Compact 14-Day Uninterrupted Holter ECG
NR-314P
New
Digital ECG Machine
ECG – 11D

Print article

Channels

Critical Care

view channel
Image: Researchers have developed a novel risk score for cardiovascular complications after bone marrow transplant (Photo courtesy of 123RF)

Novel Tool Predicts Cardiovascular Risks after Bone Marrow Transplantation

Every year, thousands of people undergo bone marrow transplants to potentially cure serious diseases like leukemia, lymphoma, and immune deficiency disorders. While these transplants can be lifesaving,... Read more

Surgical Techniques

view channel
Image: The Early Bird Bleed Monitoring System provides visual and audible indicators of the onset and progression of bleeding events (Photo courtesy of Saranas)

Novel Technology Monitors and Lowers Bleeding Complications in Patients Undergoing Heart Procedures

Bleeding complications at the femoral access site can significantly hamper recovery, affecting the success of procedures, patient satisfaction, and overall healthcare costs. It is crucial for surgeons... Read more

Patient Care

view channel
Image: The newly-launched solution can transform operating room scheduling and boost utilization rates (Photo courtesy of Fujitsu)

Surgical Capacity Optimization Solution Helps Hospitals Boost OR Utilization

An innovative solution has the capability to transform surgical capacity utilization by targeting the root cause of surgical block time inefficiencies. Fujitsu Limited’s (Tokyo, Japan) Surgical Capacity... Read more

Point of Care

view channel
Image: The new eye-safe laser technology can diagnose traumatic brain injury (Photo courtesy of 123RF)

Novel Diagnostic Hand-Held Device Detects Known Biomarkers for Traumatic Brain Injury

The growing need for prompt and efficient diagnosis of traumatic brain injury (TBI), a major cause of mortality globally, has spurred the development of innovative diagnostic technologies.... Read more
Copyright © 2000-2024 Globetech Media. All rights reserved.