Please login to the form below

Not currently logged in
Email:
Password:

Digital intelligence blog

Pharma insight on digital marketing, social media, mobile apps, online video, websites and interactive healthcare tools

Medical device firms told to address cybersecurity risks

FDA says online security should be part of a device's design and development

Digital pharma intelligenceThe FDA has told medical device manufacturers to tackle cybersecurity risks for devices that can connect to each other and other computer systems.

To ensure patients' health and information is better protected the US regulator says in new guidance that online security should be part of a device's design and development.

The FDA also wants manufacturers to document any risks for new devices, the controls they'll put in place to mitigate those risks and their plans for providing patches and updates to operating systems and medical software.

Suzanne Schwartz, director of emergency preparedness/operations and medical countermeasures at the FDA's Center for Devices and Radiological Health, said: “There is no such thing as a threat-proof medical device. It is important for medical device manufacturers to remain vigilant about cybersecurity and to appropriately protect patients from those risks.”

The regulator said it was not aware of any devices having been targeted, or patients harmed, but the rising number of mobile devices used by patients and healthcare professionals is clearly a concern.

“While the increased use of wireless technology and software in medical devices also increases the risks of potential cybersecurity threats, these same features also improve health care and increase health care providers' ability to treat patients,” the agency noted.

Its final Content of Pre-market Submissions for Management of Cybersecurity in Medical Devices guidance outlines several cybersecurity concerns, including:

•  Malware infections on network-connected medical devices or computers, smartphones, and tablets used to access patient data

• Unsecured or uncontrolled distribution of passwords

• Failure to provide timely security software updates and patches to medical devices and networks

• Security vulnerabilities in off-the-shelf software designed to prevent unauthorised access to the device or network.

The regulator will hold a public workshop on October 21-22 looking at how stakeholders can collaborate to improve the cybersecurity of medical devices and protect public health.

3rd October 2014

From: Regulatory

Share

Tags

Featured jobs

Subscribe to our email news alerts

PMHub

Add my company
An agency called Owen

We’re a Healthcare Communications Agency specialising in Multi-channel Marketing to make you Digitally Fitter, Stronger & Faster....

Latest intelligence

PM Society Digital Awards – the power of together
Our chief executive, Emma Statham, writes about the value of awards and the power of together....
Seduction_feature_image_thumb.jpg
Seduce anyone in four simple steps
You know the health of the global economy is dependent on our ability to seduce one another – don’t you? And you know that we need to be able to...
What Would Jeremy Do? : Assessing the impact of a Corbyn-led Labour government
GK Strategy are delighted to announce the launch our latest briefing paper entitled ‘What Would Jeremy Do? Assessing the impact of a Corbyn-led Labour government’....

Infographics