FDA proposes cybersecurity guidance for medical devices

  • TECH
  • Wednesday, 20 Jan 2016

A view shows the U.S. Food and Drug Administration (FDA) headquarters in Silver Spring, Maryland August 14, 2012. REUTERS/Jason Reed

The US Food and Drug Administration has issued draft guidelines to medical device makers on how to protect patients from cybersecurity vulnerabilities in their devices. 

"Cybersecurity threats to medical devices are a growing concern," the agency said in a statement. "The exploitation of cybersecurity vulnerabilities presents a potential risk to the safety and effectiveness of medical devices." 

The draft guidance, which is not legally binding, recommends companies take a number of actions, including monitoring and assessing risk, coordinating efforts by companies, government and other groups do disclose vulnerabilities, and taking measures to address cybersecurity risk early. 

Most cybersecurity vulnerabilities are considered routine and can be remedied by updates or patches which would not need to be reported under the proposed guidance, the agency said. Companies would be required to report vulnerabilities that could compromise clinical performance of the device and risk a patient's health. 

The guidance covers how companies should monitor devices once they have been cleared for marketing. The agency previously issued guidance for companies still in the development stage to help inform design choices. 

Joshua Corman, founder of I Am The Cavalry, a cybersafety advocacy group who worked with the FDA on the guidance, said he was extremely encouraged by the agency's action. 

"I have found the FDA has been very forward thinking to get out in front of this and not wait for proof of harm before acting," he said. 

The proposed guidance will be open for public comment for 90 days, after which the FDA will issue final guidance. The agency is holding a public cybersecurity workshop at its headquarter in Silver Spring, Maryland on Jan 20-21. 

The workshop will focus on "unresolved gaps and challenges that have hampered progress in advancing medical device cybersecurity." — Reuters

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

Fund advisor presses EV startup Rivian on environment, human rights ahead of IPO
PayPal in talks to buy Pinterest - source
America Movil says ready to launch 5G in Mexico; plans to sell Tracfone this year
Logistics tech firm Flock Freight turns unicorn after SoftBank-led funding
Alphabet's Wing project will unveil new drone delivery model in Texas
Analysis-Eat or be eaten? Food delivery apps have knives out as pandemic boom fades
India's Future Retail must take part in Amazon dispute arbitration, Singapore panel says
Amazon and others commit to using zero-carbon shipping fuels by 2040
Bourse operator Cboe to buy digital asset exchange ErisX
Exclusive-Renault sees bigger production hit from chip shortage - sources

Others Also Read