Medical Design and Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • Med Tech Resources
    • DeviceTalks Tuesdays
    • Digital Editions
    • eBooks
    • Manufacturer Search
    • Medical Device Handbook
    • MedTech 100 Index
    • Podcasts
    • Print Subscription
    • The Big 100
    • Webinars / Digital Events
    • Whitepapers
    • Video
  • 2022 Leadership in MedTech
    • 2022 Leadership Voting!
    • 2021 Winners
    • 2020 Winners
  • Women in Medtech

FDA to revamp medtech cybersecurity — with your help

October 11, 2018 By Heather Thompson

[Photo by Markus Spiske on Unsplash.]

FDA recently announced that it is taking additional steps to boost medtech cybersecurity, and it’s seeking outside help to do so.

The agency will soon release a new draft of its premarket guidance document to combat the growing threat of cyber attacks. In addition, the agency announced multiple partnerships with manufacturers, hospitals and more — as well as the release of a cybersecurity playbook, and the possibility of a new center dedicated to cybersecurity.

The clear message from the agency is that a multi-pronged approach, with buy-in from all involved, is critical to staying ahead of bad actors.

The FDA’s moves come on the heels of a report from the U.S. Dept. of Health and Human Services’ Office of Inspector General that found that FDA needed to take additional steps to ensure medtech cybersecurity.

Here are the key takeaways from the press release:

  • A new draft guidance updates the existing documents from 2014. The new version will highlight the utility of providing customers and users with a “cybersecurity bill of materials” – a list of commercial and/or off-the-shelf software and hardware components of a device that could be susceptible to vulnerabilities. Depending on the level of cybersecurity risk associated with a device, this list can be an important resource to help ensure that device customers and users are able to respond quickly to potential threats.
  • The agency signed two significant memoranda of understanding with multiple stakeholders to create sharing analysis organizations (ISAOs). These groups, which include manufacturers, hospitals, health care providers, cybersecurity researchers and government entities, will allow increased information sharing and transparency around cybersecurity risks. Importantly, FDA reiterated to manufacturers that joining ISAOs is a signal to the agency that they’re being proactive in addressing cybersecurity. Although there is no requirement as of yet, it is clear that CDRH will view such participation as a positive step.
  • The MITRE Corporation, with support from the FDA, released a Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook.  The playbook describes the types of readiness activities that’ll enable healthcare delivery organizations (e.g., hospitals) to be better prepared for a cybersecurity incident involving their medical devices.
  • FDA also developed its own internal playbook to help agency staff address cybersecurity threats, vulnerabilities and incidents. The internal playbook establishes an effective and appropriate incident plan that’s flexible and clear. It aims to help the agency respond in a timely manner to medical device cybersecurity attacks – mitigating impacts to devices, health care systems and ultimately, patients.
  • Finally, FDA said it is taking steps to continue building the medical device cybersecurity program. FDA’s Fiscal Year 2019 Budget proposed to create a Center of Excellence for Digital Health. This Center of Excellence would help establish more efficient regulatory paradigms, consider the building of new capacity to evaluate and recognize third-party certifiers, and support a cybersecurity unit to complement the advances in software-based devices.

Related Articles Read More >

cybersecurity
Moody’s warns of cybersecurity, antitrust and supplier risks for medical device companies
FDA proposes new cybersecurity, supply chain and inspection laws for medical device manufacturers
FDA’s $8.4B budget request includes supply chain, pandemic prep and cancer funding
Cybersecurity medical device
FDA warns of cybersecurity risk in certain medical device software components

DeviceTalks Weekly.

May 13, 2022
Our Pre-Post-DeviceTalks Boston episode, also MedtronicTalks replay with Gastro CMO Austin Chiang
See More >

MDO Digital Edition

Digital Edition

Subscribe to Medical Design & Outsourcing. Bookmark, share and interact with the leading medical design engineering magazine today.

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.
DeviceTalks

DeviceTalks is a conversation among medical technology leaders. It's events, podcasts, webinars and one-on-one exchanges of ideas & insights.

DeviceTalks

New MedTech Resource

Medical Tubing

Enewsletter Subscriptions

Enewsletter Subscriptions

MassDevice

Mass Device

The Medical Device Business Journal. MassDevice is the leading medical device news business journal telling the stories of the devices that save lives.

Visit Website
MDO ad
Medical Design and Outsourcing
  • MassDevice
  • DeviceTalks
  • MedTech 100 Index
  • Medical Tubing + Extrusion
  • Drug Delivery Business News
  • Drug Discovery & Development
  • Pharmaceutical Processing World
  • R&D World
  • About Us/Contact
  • Advertise With Us
  • Subscribe to Print Magazine
  • Subscribe to E-newsletter
  • Attend our Monthly Webinars
  • Listen to our Weekly Podcasts
  • Join our DeviceTalks Tuesdays Discussion

Copyright © 2022 WTWH Media, LLC. All Rights Reserved. Site Map | Privacy Policy | RSS

Search Medical Design & Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • Med Tech Resources
    • DeviceTalks Tuesdays
    • Digital Editions
    • eBooks
    • Manufacturer Search
    • Medical Device Handbook
    • MedTech 100 Index
    • Podcasts
    • Print Subscription
    • The Big 100
    • Webinars / Digital Events
    • Whitepapers
    • Video
  • 2022 Leadership in MedTech
    • 2022 Leadership Voting!
    • 2021 Winners
    • 2020 Winners
  • Women in Medtech