Tag Archives: medical devices

CDRH Releases Postmarket Cybersecurity Final Guidance

By Christopher Hanson On December 28, 2016, CDRH announced the publication of the final guidance “Postmarket Management of Cybersecurity in Medical Devices.”  In a separate post, we reported on the January 22, 2016 draft version of this guidance document.  The final guidance provides FDA’s recommendations on a risk-based framework for medical device manufacturers to assess and … Continue Reading

After Two-Day Workshop, CDRH Releases Postmarket Cybersecurity Draft Guidance

By Christopher Hanson On January 22, 2016, CDRH announced in the Federal Register the publication of the draft guidance,“Postmarket Management of Cybersecurity in Medical Devices.”  The release of the draft guidance coincided with the conclusion of a two-day public workshop hosted by FDA entitled, “Moving Forward: Collaborative Approaches to Medical Device Cybersecurity.”  We previously discussed … Continue Reading

Cybersecurity Risks with Connected Devices

Cybersecurity vulnerability is becoming an increasing concern as medical devices are becoming more connected to the Internet, hospital networks, and other medical devices. As we previously reported, FDA has increasingly focused on promoting cybersecurity, recognizing that compromised medical devices can pose a risk to patient health and safety and to the confidentiality of personal medical … Continue Reading

UK Data Protection Regulator Surveys Use of Smart Medical Devices

By Phil Bradley-Schmieg The UK Information Commissioner’s Office (ICO) has launched an informal survey of current practices relating to the use of data-enabled medical devices and apps. The short and anonymous survey explores whether organisations have put in place specific policies and procedures, asset registers, IT security requirements for medical device procurement policies, information governance … Continue Reading

FDA Releases Final Guidance on Cybersecurity in Medical Devices, Public Workshop to Follow on October 21-22, 2014

On October 2, 2014, the Food and Drug Administration (FDA) released a final guidance document titled “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices”.  The FDA said that the “need for effective cybersecurity to assure medical device functionality and safety has become more important with the increasing use of wireless, Internet- and … Continue Reading

US Information Security and Privacy Board Expresses Concerns about Management of Cybersecurity in Wireless Medical Devices

The US Information Security and Privacy Board (ISPAB) voiced concerns over potential harms resulting from a lack of controlled management of cybersecurity in wireless medical devices in response to FDA’s  draft guidance, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.”  ISPAB operates under the National Institute of Standards and Technology (NIST) in its … Continue Reading
LexBlog