In a blog post on the FDA’s site, Suzanne B. Schwartz, the FDA’s Associate Director for Science and Strategic Partnerships at the Center for Devices and Radiological Health, she outlined the FDA’s approach to medical device cyber safety.
She said the goal of the FDA’s Center for Devices and Radiological Health is to encourage a coordinated approach of vigilance, responsiveness, resilience, and recovery that fits with a culture of continuous quality improvement.
That means manufactures are encouraged to proactively update and patch devices in a safe and timely manner, and the FDA understands that where medical devices are concerned, this can be complex and requires a collaborative approach to find workable solutions.
To help device manufacturers better understand its requirements the FDA has published a set of guidelines for Postmarket Management of Cybersecurity in Medical Devices to go along with its premarket guidance for medical device cybersecurity.
The guidance contains recommendations for comprehensive management of medical device cybersecurity and includes monitoring of devices already on the market. Ms. Schwartz says the agency is working closely with manufacturers to assess cybersecurity risks and address them.
Here are some of the highlights of the non-binding FDA recommendations for medical device makers in terms of cybersecurity along with tips from an FDA Factsheet about medical device cybersecurity.
This includes monitoring, identifying, and addressing cybersecurity vulnerabilities in medical devices once they are on the market. The agency suggests using assessment tools, such as the “Common Vulnerability Scoring System” version 3 to aid in assessment.
If you are looking for an advisory partner, Kapstone Medical is well versed in regulatory planning, 510(k) submissions, CE Mark and quality systems development.
Visit our website or Call Us Today to learn more! Phone: (704) 843-7852 – email: info@kapstonemedical.com.