The guidance marks the latest in the FDA’s continued attempts to guard against cybersecurity risks, which have become all the more prevalent in recent years. And given the huge amount of sensitive information these devices could contain, it’s imperative that users are kept safe.
“All medical devices that use software and are connected to hospital and health care organizations’ networks have vulnerabilities — some we can proactively protect against, while others require vigilant monitoring and timely remediation,” said the FDA’s Suzanne Schwartz, who serves as the associate director for science and strategic partnerships and acting director of emergency preparedness/operations and medical countermeasures. “Today’s draft guidance will build on the FDA’s existing efforts to safeguard patients from cyber threats by recommending medical device manufacturers continue to monitor and address cybersecurity issues while their product is on the market.”
While there are no legal implications involved with the new guidelines, the FDA is urging manufacturers everywhere to remain vigilant about their products — companies should take steps to monitor and assess risk, disclose vulnerabilities, and do everything they can to be proactive about fighting cybersecurity issues.
Said Schwartz, “Only when we work collaboratively and openly in a trusted environment, will we be able to best protect patient safety and stay ahead of cybersecurity threats.”
Editors' Recommendations
- Microsoft says it’s closing its HealthVault patient records service
- In the future, A.I. medicine will let patients own their health data
- Smart home devices are causing more security risks for businesses
- Who should fix Internet of Things cybersecurity? Congress takes a crack at it
- Consumer groups call out retailers in a bid for better IoT security
