Skip to content

FDA says medical device submissions must meet cybersecurity standards moving forward

Posted by: GuidePoint Security

< 1 min read

April 4, 2023 – Published on Health Care Business News

To curb hacking, the FDA says that manufacturers must continue to update and patch medical devices following their release to stay on top of cybersecurity standards.

Additionally, they must provide a software bill of materials and have a plan for identifying and addressing “postmarket cybersecurity vulnerabilities,” according to the law.

Any devices that use software and are connected to the internet must meet these guidelines, which took effect on March 29, as part of the $1.7 billion omnibus appropriations bill enacted in December 2022 that allocated $5 million to the cause.

“We are seeing a ‘Shift Left’ strategy to push the responsibilities from the operators of the device to the manufacturers of IoMT [Internet of Medical Things] equipment and devices,” Chris Warner, operational technology cybersecurity expert at GuidePoint Security, told The Record.

The law only applies to new solutions, not ones already on the market. Regulators will help companies adjust to the new standards until October 1.

Read More HERE.

Categories: Governance, Risk & Compliance News Vulnerability Management & Penetration Testing
Tags:IoMTIoT

GuidePoint Security

IoT Services
IOT Assessments Your IoT security concerns cover all aspects of information security, and so should your solution provider. IOT Security […]
Download

Related Articles

View All

IoT Services
Read More 3 min read
  • Cybersecurity
FDA can now reject new medical devices over cyber standards
Read More < 1 min read
  • Cybersecurity
New security flaw threatening thousands of medical devices
Read More 2 min read