This Institute for Critical Infrastructure Technology blog post, entitled “Assessing the FDA’s Cybersecurity Guidelines for Medical Device Manufacturers: Why Subtle “Suggestions” May Not Be Enough” is an objective analysis of the recent Food and Drug Administration (FDA) “Draft Guidance for Industry and Food and Drug Administration Staff.”
The guidance advises medical device manufacturers to address cybersecurity “throughout a product’s lifecycle” and is the latest action by the FDA which underscores its position that medical device cyber security is a priority for the health sector. However, despite the implied sense of urgency, the FDA has chosen not to implement enforceable regulations over medical device manufacturers. This examination of the FDA’s ‘suggestions’ provides a concise summary of the draft guidance as well as recommendations for the healthcare community.
You can find the whole whitepaper here.
ICIT
icitech.org