Device-Makers Need To Open Up More On Cybersecurity In Pre-Market, Draft Guidance Says
Executive Summary
A new update to the pre-market cybersecurity guidance issued four years ago reflects how US FDA's thinking on the issue has evolved, as more cases of device vulnerabilities have surfaced. Among the key updates are recommendations for sponsors to submit a cybersecurity "bill of materials" in product labeling to better coordinate with end-users and to use a two-tiered risk management approach.
You may also be interested in...
US, Canada Setting Trend For Global Cybersecurity Guidance
A draft IMDRF guidance released this month aims to set the trend for how regulators around the world oversee cybersecurity of medical devices. According to experts, the document also foreshadows what sponsors can expect from the US FDA in areas such as developing a software bill of materials, as the agency updates its own cybersecurity guidances.
There's A Lot On FDA’s 2020 Guidance Priorities Lists – But The Software Pre-Cert Program Isn't One Of Them
The US FDA's device center has released its annual proposed guidance document lists for fiscal year 2020. Industry experts pointed out that the lists don't address the agency's software precertification program that it has been working on so hard. That may just mean the issue has fallen off of the FDA's radar or the agency needs congressional authority to move ahead with issuing guidances on the topic, an industry expert says. Also notable is a lack of an artificial intelligence guidance.
Medtech Security Organization Adopts Widely Used Automation Cybersecurity Standard
The medtech cybersecurity group MDISS says it will adopt the ISA/IEC 62443 cybersecurity standard that has been widely used in an array of industries for the medical device industry. This comes following news from the European medtech group COCIR that it was also considering adopting the standard.