Companies Nervous About 'Sharing' Organizations Touted In FDA Cyber Guidance
This article was originally published in The Gray Sheet
Executive Summary
Industry groups have questions and concerns about the Information Sharing and Analysis Organizations highlighted in FDA's recent postmarket cybersecurity draft guidance. The agency's use of the term "essential clinical performance" in the document has also raised concerns, comments submitted to FDA show.
You may also be interested in...
Device-Makers Have Amped Up Defenses Against Hackers
As reports of potential cybersecurity vulnerabilities and ransomware attacks on health-care institutions have increased in recent years, manufacturers are stepping up efforts to protect their products and reputation. To defend against such attacks companies are developing strategies and hiring hackers who are able to understand potential adversaries.
J&J, Hacker Work Together To Fix Insulin Pump Vulnerability
US FDA says the collaborative approach taken by an independent security researcher and Johnson & Johnson/Animas in responding to a potentially fatal cybersecurity vulnerability with the firm's Animas OneTouch Ping insulin pump should be a model for the industry that aligns with the agency's recent draft guidance.
St. Jude Hacking-Risk Allegations: US FDA Continues Assessment, As Firm Files Lawsuit
While conflicting reports have surfaced regarding the veracity of allegations from a short-seller that a significant number of St. Jude cardiac rhythm management devices have serious cybersecurity flaws, FDA says plans to complete an initial assessment of the allegations soon. The Minnesota device-maker, meanwhile, says it is suing the short-seller for disseminating false information.