Please login to the form below

Not currently logged in
Email:
Password:

Digital intelligence blog

Pharma insight on digital marketing, social media, mobile apps, online video, websites and interactive healthcare tools

Medical device firms told to address cybersecurity risks

FDA says online security should be part of a device's design and development

Digital pharma intelligenceThe FDA has told medical device manufacturers to tackle cybersecurity risks for devices that can connect to each other and other computer systems.

To ensure patients' health and information is better protected the US regulator says in new guidance that online security should be part of a device's design and development.

The FDA also wants manufacturers to document any risks for new devices, the controls they'll put in place to mitigate those risks and their plans for providing patches and updates to operating systems and medical software.

Suzanne Schwartz, director of emergency preparedness/operations and medical countermeasures at the FDA's Center for Devices and Radiological Health, said: “There is no such thing as a threat-proof medical device. It is important for medical device manufacturers to remain vigilant about cybersecurity and to appropriately protect patients from those risks.”

The regulator said it was not aware of any devices having been targeted, or patients harmed, but the rising number of mobile devices used by patients and healthcare professionals is clearly a concern.

“While the increased use of wireless technology and software in medical devices also increases the risks of potential cybersecurity threats, these same features also improve health care and increase health care providers' ability to treat patients,” the agency noted.

Its final Content of Pre-market Submissions for Management of Cybersecurity in Medical Devices guidance outlines several cybersecurity concerns, including:

•  Malware infections on network-connected medical devices or computers, smartphones, and tablets used to access patient data

• Unsecured or uncontrolled distribution of passwords

• Failure to provide timely security software updates and patches to medical devices and networks

• Security vulnerabilities in off-the-shelf software designed to prevent unauthorised access to the device or network.

The regulator will hold a public workshop on October 21-22 looking at how stakeholders can collaborate to improve the cybersecurity of medical devices and protect public health.

3rd October 2014

From: Regulatory

Share

Tags

COVID-19 Updates and Daily News

Featured jobs

PMHub

Add my company
OPEN Health

OPEN Health brings together deep scientific knowledge, global understanding, and broad specialist expertise to support our clients in improving health...

Latest intelligence

When is an agency not an agency?
The PR Week UK Top 150 Consultancies prompts anticipation and curiosity. But can a virtual collective of freelancers fairly be compared and ranked against conventional agencies?...
Why big pharma needs to be braver
The last few years have seen the pharmaceutical industry undergo a rapid metamorphosis in the face of unprecedented change, but communications are one area that still needs an injection of...
Leveraging Real-World Evidence for Cell and Gene Therapies
Regulators and reimbursement bodies are increasingly turning to real-world evidence (RWE) to understand the long-term value of drugs, in particular novel therapies. Here, Mariam Bibi, Senior Director, Global RWE at...