Medtech Cybersecurity Whistleblowers: Traditional Protections, Incentives Apply
Executive Summary
As the medical device industry enters a brave new world of connected products, cybersecurity vulnerabilities and hacking threats have surfaced, raising many questions. Among them: what protections are available to employees who raise the alarm about cybersecurity problems with a device sold by their company. Attorney Alexis Ronickher addresses this question in this article and in a Medtech Insight podcast interview.
You may also be interested in...
FDA Recommends Security Patch For St. Jude Wireless Cardiac Devices
Following months of bickering between St. Jude and Muddy Waters Research, US FDA issued a safety alert for the device-maker's wireless cardiac devices. The agency says there's a risk for malicious cyber-attacks and recommends a software patch to minimize risk.
'Sharing' Organizations Stay In Final Post-Market Cybersecurity Guidance
Despite pushback from industry groups on the use of information-sharing and analysis organizations (ISAOs), US FDA has kept the language the same in its final post-market cybersecurity guidance, but has removed the term "essential clinical performance."
Device-Makers Have Amped Up Defenses Against Hackers
As reports of potential cybersecurity vulnerabilities and ransomware attacks on health-care institutions have increased in recent years, manufacturers are stepping up efforts to protect their products and reputation. To defend against such attacks companies are developing strategies and hiring hackers who are able to understand potential adversaries.