FDA says medical device submissions must meet cybersecurity standards moving forward
April 4, 2023 – Published on Health Care Business News
To curb hacking, the FDA says that manufacturers must continue to update and patch medical devices following their release to stay on top of cybersecurity standards.
Additionally, they must provide a software bill of materials and have a plan for identifying and addressing “postmarket cybersecurity vulnerabilities,” according to the law.
Any devices that use software and are connected to the internet must meet these guidelines, which took effect on March 29, as part of the $1.7 billion omnibus appropriations bill enacted in December 2022 that allocated $5 million to the cause.
“We are seeing a ‘Shift Left’ strategy to push the responsibilities from the operators of the device to the manufacturers of IoMT [Internet of Medical Things] equipment and devices,” Chris Warner, operational technology cybersecurity expert at GuidePoint Security, told The Record.
The law only applies to new solutions, not ones already on the market. Regulators will help companies adjust to the new standards until October 1.
Read More HERE.