Market insight in association with

Will the FDA’s new guidance boost medical device cybersecurity?

Healthcare providers and medical device manufacturers are beginning to implement new technologies such as the cloud, mobility, Big Data, and the Internet of Things (IoT) into care models, leading medical devices to become increasingly connected – to the internet, hospital networks, and each other.

The use of connected medical devices such as insulin pumps and implanted pacemakers brings the risk of hacking directly to patients. To secure not only the device itself but also its stored data, attention is turning to increased cybersecurity efforts. As part of this shift, the FDA is updating its guidance for medical device manufacturers in order to address the evolving technological landscape and increased insight into cyber threats.

On 17 October, the FDA issued a draft guidance document, ‘Content for Premarket Submissions for Management of Cybersecurity in Medical Devices’, which improves upon its original 2014 guidance document with revised recommendations.

Among the new recommendations is the cybersecurity bill of materials, a list of the software and hardware components of a medical device that may be vulnerable to cyber threats. This bill of materials would make healthcare facilities and end users aware of security issues and allow them to appropriately prepare for those vulnerabilities. The FDA has opened a comment period on the new draft guidance document through 18 March 2019, after which the new recommendations will be finalised.

In another bid to improve medical device cybersecurity efforts, the FDA announced on 16 October a new agreement with the US Department of Homeland Security (DHS). This agreement, between the FDA’s Center for Devices and Radiological Health and the DHS’ Office of Cybersecurity and Communications, aims to improve coordination and cooperation between the two agencies on medical device cybersecurity through the sharing of information on potential or confirmed vulnerabilities and threats. This coordination is expected to improve the timeliness and quality of response to threats to patient safety.

Although the FDA has provided pre-market and post-market guides to offer recommendations and assist in improved cybersecurity practices, cybersecurity responsibilities are largely left to medical device manufacturers. Improved awareness of the risks and more stringent regulations are needed to encourage manufacturers to incorporate cybersecurity as a core component of device development rather than as an ‘add-on’ after market approval, which will strengthen medical devices against cyberattacks.

For more insight and data, visit the GlobalData Report Store.

Share this article

Go to article: Home | The race to regulate 3D printed devicesGo to article: Formacoat Company InsightGo to article: FormacoatGo to article: In this issueGo to article: MPS Microsystems Company InsightGo to article: MPS MicrosystemsGo to article: ContentsGo to article: Micro Systems TechnologiesGo to article: Cap Biomaterials Company Insight Go to article: Cap BiomaterialsGo to article: NewsGo to article: MikronGo to article: Ide8Go to article: The medical industry briefingGo to article: Protomatic Company InsightGo to article: Protomatic MedicalGo to article: Automation vs AI in medtech: where are we headed?Go to article: Telemed Company InsightGo to article: TelemedGo to article: NSFGo to article: A breakthrough in 3D-printed neuronal stem cells and scaffold therapyGo to article: ElectroCraftGo to article: ElectroCraft Company InsightGo to article: Maxon MotorGo to article: Otsuka and Magellan Health collaborate to launch first digital pillGo to article: Bright PlasticsGo to article: ARPA Company InsightGo to article: ARPAGo to article: Nelson Labs Company InsightGo to article: Nelson LabsGo to article: Novartis aims to disrupt healthcare with ‘digital ecosystem’Go to article: Linemaster Company InsightGo to article: LinemasterGo to article: Performance Motion Devices Company InightGo to article: Performance Motion DevicesGo to article: Will FDA’s new guidance boost medical device cybersecurity?Go to article: Machine Solutions Company InsightGo to article: Machine SolutionsGo to article: AtoZ-CRO GmbHGo to article: AtoZ-CRO GmbH Company InsightGo to article: Transporting human organs: the innovations saving livesGo to article: Maraca InternationalGo to article: Accurate Biometrics Company InsightGo to article: Accurate BiometricsGo to article: Breaking point: should we be reusing more medical devices?Go to article: ABBGo to article: ABB Company InsightGo to article: 3D printed medical devices: a tough trial for regulation?Go to article: Ash TechnologiesGo to article: Innomech Company InsightGo to article: InnomechGo to article: Cutting complete blood count tests from days to minutesGo to article: Medica LLC Company InsightGo to article: Medica LLCGo to article: AberdeenGo to article: “At least I have my health”: the reputational impact of AI in healthcareGo to article: Freund ElectronicGo to article: myLiquitabGo to article: Amplifying the patient voice and the role of linguistic validationGo to article: Art of TechnologyGo to article: AerotechGo to article: Erdmann Design SwitzerlandGo to article: Human + machine: the future of digital healthcareGo to article: Velixx Company InsightGo to article: VelixxGo to article: EventsGo to article: Lubrizol LifeSciencesGo to article: CS Hyde CompanyGo to article: Next issue