Medical Devices Today

FDA Proposes New Cybersecurity Submission Standards For Devices

Article preview from "The Gray Sheet" - June 17, 2013

Device companies would be expected to more directly address potential cybersecurity threats in pre-market submissions under a FDA draft guidance released June 13.

The agency issued the guidance in conjunction with a safety communication to hospitals and device makers on appropriate safeguards to prevent against cyber-attacks on devices. On the same day, the Department of Homeland Security released its own safety alert about password vulnerabilities affecting 300 medical devices produced by approximately 40 vendors.

The documents are part of an effort by the agencies to make industry and hospital administrators aware of the real potential of cybersecurity threats to medical devices that contain configurable embedded computer systems.

“The important thing for people to understand is that medical devices, like other computer systems, are vulnerable to security breaches,” explained CDRH Deputy Center Director for Science and Chief Scientist William Maisel in an interview. “We’re also aware that devices are increasingly connected – device connections to hospitals networks, hospital networks to devices and to the Internet.”

“We are increasingly aware of vulnerabilities that have been identified and actual incidents where hospital networks and medical devices can become been infected with malware,” he added.

Continued...

Plus:

To find out about more about more about Elsevier Business Intelligence's medical device publications and databases, multi-user access and/or advertising with Medical Devices Today, please contact  Kristy Kennedy at (480) 985-9512