From: FedScoop
Draft guidance outlines FDA’s recommendations for tracking and addressing cybersecurity risks in connected medical devices, like pacemakers, once they have entered the market.
By Whitney Blair Wyckoff
The Food and Drug Administration has put out draft guidance to help medical device makers manage the cyber vulnerabilities of connected pacemakers, insulin pumps and other networked gadgets after they’ve gone to market.
Manufacturers, it says, should create a comprehensive cybersecurity risk management program that stresses ”addressing vulnerabilities which may permit the unauthorized access” to the device or its data by hackers. As part of that program, manufacturers should monitor cybersecurity sources to learn of new risks, share threat information with competitors and adopt coordinated vulnerability disclosure policies and practices. But the agency is seeking input from the private sector on exactly how firms should collaborate.
Leave a Reply