April 8, 2022 – The FDA has released a new draft on cybersecurity considerations for medical device makers submitting material for a pre-market review. As threats to healthcare become more frequent and severe, the FDA is updating the guidelines to reflect the evolving healthcare landscape.
The introduction of the report says, “Cybersecurity threats to the healthcare sector have become more frequent and more severe, carrying increased potential for clinical impact. Cybersecurity incidents have rendered medical devices and hospital networks inoperable, disrupting the delivery of patient care across healthcare facilities in the U.S. and globally. Such cyber-attacks and exploits may lead to patient harm as a result of clinical hazards, such as delay in diagnoses and/or treatment.”
The updated guidance is designed to facilitate “an efficient premarket review process,” while ensuring medical devices marketed to the healthcare industry are resilient to cybersecurity threats. It also covers cybersecurity issues that device manufacturers should address in the development and design process of their products, as well as premarket submissions.
The FDA is currently seeking input from healthcare experts to further develop insights for cybersecurity guidance.