Please login to the form below

Not currently logged in
Email:
Password:

Digital intelligence blog

Pharma insight on digital marketing, social media, mobile apps, online video, websites and interactive healthcare tools

Medical device firms told to address cybersecurity risks

FDA says online security should be part of a device's design and development

Digital pharma intelligenceThe FDA has told medical device manufacturers to tackle cybersecurity risks for devices that can connect to each other and other computer systems.

To ensure patients' health and information is better protected the US regulator says in new guidance that online security should be part of a device's design and development.

The FDA also wants manufacturers to document any risks for new devices, the controls they'll put in place to mitigate those risks and their plans for providing patches and updates to operating systems and medical software.

Suzanne Schwartz, director of emergency preparedness/operations and medical countermeasures at the FDA's Center for Devices and Radiological Health, said: “There is no such thing as a threat-proof medical device. It is important for medical device manufacturers to remain vigilant about cybersecurity and to appropriately protect patients from those risks.”

The regulator said it was not aware of any devices having been targeted, or patients harmed, but the rising number of mobile devices used by patients and healthcare professionals is clearly a concern.

“While the increased use of wireless technology and software in medical devices also increases the risks of potential cybersecurity threats, these same features also improve health care and increase health care providers' ability to treat patients,” the agency noted.

Its final Content of Pre-market Submissions for Management of Cybersecurity in Medical Devices guidance outlines several cybersecurity concerns, including:

•  Malware infections on network-connected medical devices or computers, smartphones, and tablets used to access patient data

• Unsecured or uncontrolled distribution of passwords

• Failure to provide timely security software updates and patches to medical devices and networks

• Security vulnerabilities in off-the-shelf software designed to prevent unauthorised access to the device or network.

The regulator will hold a public workshop on October 21-22 looking at how stakeholders can collaborate to improve the cybersecurity of medical devices and protect public health.

3rd October 2014

From: Regulatory

Share

Tags

Featured jobs

Subscribe to our email news alerts

PMHub

Add my company
Complete HealthVizion

Complete HealthVizion is a global team of fresh thinkers who aspire to be better every day. We create life-changing medical...

Latest intelligence

The truth is out there: Patients first
Patient centricity, patient focus, patients first – words that are on everyone’s lips these days. But what do they really mean? Where does the patient voice fit in? And what...
mHealth: The revolution will not be digital
Could mHealth, which has been growing exponentially in recent years, be the answer we have been looking for to address our population health challenge? Could mHealth save healthcare?...
Medical information in precision medicine
Global Medical Information Leader James Oughton reveals the top trends in medical information and precision medicine....

Infographics