MedTech Dive August 11, 2022
A new draft guidance and pending legislation would require medical device developers to include cybersecurity information in FDA submissions.
As the risk of cyberattacks on medical devices continues to mount, the Food and Drug Administration isn’t doing enough to ensure device makers include adequate security in their products, experts say.
They charge that part of the problem is that the agency lacks the funds and the trained personnel to evaluate the cyber risk the devices carry and enforce the rules it does have on the books for approving devices.
“I’ve spoken to device manufacturers, specifically product security people at device manufacturers, saying that they’ve been telling their organizations for the last year or two that they need to include...