Please login to the form below

Not currently logged in
Email:
Password:

Digital intelligence blog

Pharma insight on digital marketing, social media, mobile apps, online video, websites and interactive healthcare tools

Medical device firms told to address cybersecurity risks

FDA says online security should be part of a device's design and development

Digital pharma intelligenceThe FDA has told medical device manufacturers to tackle cybersecurity risks for devices that can connect to each other and other computer systems.

To ensure patients' health and information is better protected the US regulator says in new guidance that online security should be part of a device's design and development.

The FDA also wants manufacturers to document any risks for new devices, the controls they'll put in place to mitigate those risks and their plans for providing patches and updates to operating systems and medical software.

Suzanne Schwartz, director of emergency preparedness/operations and medical countermeasures at the FDA's Center for Devices and Radiological Health, said: “There is no such thing as a threat-proof medical device. It is important for medical device manufacturers to remain vigilant about cybersecurity and to appropriately protect patients from those risks.”

The regulator said it was not aware of any devices having been targeted, or patients harmed, but the rising number of mobile devices used by patients and healthcare professionals is clearly a concern.

“While the increased use of wireless technology and software in medical devices also increases the risks of potential cybersecurity threats, these same features also improve health care and increase health care providers' ability to treat patients,” the agency noted.

Its final Content of Pre-market Submissions for Management of Cybersecurity in Medical Devices guidance outlines several cybersecurity concerns, including:

•  Malware infections on network-connected medical devices or computers, smartphones, and tablets used to access patient data

• Unsecured or uncontrolled distribution of passwords

• Failure to provide timely security software updates and patches to medical devices and networks

• Security vulnerabilities in off-the-shelf software designed to prevent unauthorised access to the device or network.

The regulator will hold a public workshop on October 21-22 looking at how stakeholders can collaborate to improve the cybersecurity of medical devices and protect public health.

3rd October 2014

From: Regulatory

Share

Tags

Featured jobs

Subscribe to our email news alerts

PMHub

Add my company
Virgo Health

Virgo Health is an award-winning global healthcare communications and medical education agency comprising specialists with some of the best skills,...

Latest intelligence

OUTiCO win Best in UK Pharmaceutical Outsourcing award
The Corporate LiveWire Healthcare and Life Sciences Awards celebrate global companies and individuals who have excelled over the past 12 months....
artificial-intelligence-in-healthcare.jpg
Artificial Intelligence in Healthcare
Artificial intelligence is already out-diagnosing experts, but would you put a computer in charge of your healthcare? The good, the bad; we take a look....
World Pancreatic Cancer Day 2018: Combating misconceptions in pancreatic cancer
Patients diagnosed with pancreatic cancer face a dismal prognosis, with the disease having the lowest survival rate of all major cancers. In spite of this, pancreatic cancer research is chronically...

Infographics