FDA’s Cybersecurity Authority in 2023

Topics:
No items found.
Mike Kijewski
Mike Kijewski

March 29, 2022

FDA’s Cybersecurity Authority in 2023

Today the FDA has issued a new final guidance on the Refuse to Accept (RTA) policy relating to cybersecurity in medical devices, specifically for “Cyber Devices” as defined in the newly-amended FD&C Act (Section 524B). In mapping its guidance to the new statutory authority, the FDA specifies what is expected when a submission is provided to the agency for review.

What does this mean for you? If you’re a company building a medical “cyber device”, it is now a requirement that you build your device to be secure by design, develop strategies to monitor and maintain the security of that device postmarket and for the life of the device, generate and maintain a software bill of materials, and generate the requisite documentation proving you’ve done so as part of your FDA regulatory submission.

When we started MedCrypt in 2016, we heard many healthcare stakeholders say that cybersecurity wouldn’t be an important topic in medical devices until the FDA made it so. The FDA’s announcement makes it clear that this day has come. If you have questions about what you can do to satisfy these new FDA requirements, please reach out to us at info@medcrypt.com. Keep an eye out for a more comprehensive analysis of this new guidance document, coming soon.

MedCrypt exists to help healthcare technology companies build products that are secure by design. We’re excited to help our industry bring innovative clinical technologies to patients today, while anticipating the cybersecurity challenges of tomorrow.

Follow MedCrypt on LinkedIn and Twitter and subscribe to our newsletter to stay up to date on the latest news in medical device cybersecurity.

Related articles

What are you missing? Understanding cybersecurity reasons for FDA approval delays
This is some text inside of a div block.

What are you missing? Understanding cybersecurity reasons for FDA approval delays

Thought leadership
This is some text inside of a div block.
Regulatory
This is some text inside of a div block.
FDA readiness
This is some text inside of a div block.
Vulnerability management
This is some text inside of a div block.
All authors
All authors

June 5, 2024

Decoding SBOM and Vulnerability Management: A Comprehensive Q&A Guide
This is some text inside of a div block.

Decoding SBOM and Vulnerability Management: A Comprehensive Q&A Guide

Tools & processes
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Om Mahida
Om Mahida

May 16, 2024

Case Study: Elevating Post-Market Vigilance Through Enhanced Vulnerability Detection
This is some text inside of a div block.

Case Study: Elevating Post-Market Vigilance Through Enhanced Vulnerability Detection

Tools & processes
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Om Mahida
Om Mahida

April 17, 2024

Subscribe to Medcrypt news

Get the latest healthcare cybersecurity news right in your inbox.

We'll never spam you or sell your information