United States: FDA Issues Final Guidance On Cybersecurity In Medical Devices, Calls On Health Care And Public Health Community For Ideas On Collaboration

October is National Cybersecurity Awareness Month, and FDA has accordingly issued its final guidance on Content of Premarket Submissions for Management of Cybersecurity in Medical Devices. The guidance contains recommendations for medical device manufacturers on cybersecurity management and information to include in a premarket submission. FDA's recommendations focus on what manufacturers can do before marketing products to ensure the data collected and transmitted by the device is secure. For example, FDA cautions against unsecured distribution of passwords and not updating security software updates and patches to medical devices and networks. These recommendations supplement earlier FDA guidance documents addressing cybersecurity related to medical devices. Later this month, FDA, in collaboration with the Department of Health and Human Services and the Department of Homeland Security, will hold a public workshop titled Collaborative Approaches for Medical Device and Healthcare Cybersecurity to identify health care and public health cybersecurity challenges and how stakeholders can work together to address these challenges. FDA is soliciting comments on this topic through November 24, 2014.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.