Please login to the form below

Not currently logged in
Email:
Password:

Digital intelligence blog

Pharma insight on digital marketing, social media, mobile apps, online video, websites and interactive healthcare tools

Medical device firms told to address cybersecurity risks

FDA says online security should be part of a device's design and development

Digital pharma intelligenceThe FDA has told medical device manufacturers to tackle cybersecurity risks for devices that can connect to each other and other computer systems.

To ensure patients' health and information is better protected the US regulator says in new guidance that online security should be part of a device's design and development.

The FDA also wants manufacturers to document any risks for new devices, the controls they'll put in place to mitigate those risks and their plans for providing patches and updates to operating systems and medical software.

Suzanne Schwartz, director of emergency preparedness/operations and medical countermeasures at the FDA's Center for Devices and Radiological Health, said: “There is no such thing as a threat-proof medical device. It is important for medical device manufacturers to remain vigilant about cybersecurity and to appropriately protect patients from those risks.”

The regulator said it was not aware of any devices having been targeted, or patients harmed, but the rising number of mobile devices used by patients and healthcare professionals is clearly a concern.

“While the increased use of wireless technology and software in medical devices also increases the risks of potential cybersecurity threats, these same features also improve health care and increase health care providers' ability to treat patients,” the agency noted.

Its final Content of Pre-market Submissions for Management of Cybersecurity in Medical Devices guidance outlines several cybersecurity concerns, including:

•  Malware infections on network-connected medical devices or computers, smartphones, and tablets used to access patient data

• Unsecured or uncontrolled distribution of passwords

• Failure to provide timely security software updates and patches to medical devices and networks

• Security vulnerabilities in off-the-shelf software designed to prevent unauthorised access to the device or network.

The regulator will hold a public workshop on October 21-22 looking at how stakeholders can collaborate to improve the cybersecurity of medical devices and protect public health.

3rd October 2014

From: Regulatory

Share

Tags

Featured jobs

Subscribe to our email news alerts

PMHub

Add my company
An agency called Owen

We’re a Healthcare Communications Agency specialising in Multi-channel Marketing to make you Digitally Fitter, Stronger & Faster....

Latest intelligence

Genomics integration: can the NHS rise to the challenge?
Experts gather to discuss the UK’s genomic landscape...
London
“Brexit has been a catalyst for UK clinical research... it’s turbocharged change”
The UK clinical trials environment has been transformed in recent years – but can it really buck Brexit’s risks and uncertainties?...
The Future of Pharma sales: fast forward to 2029
Change is inevitable, and necessary, for growth in business....

Infographics