FDA’s Cybersecurity Authority in 2023

Topics:
No items found.
Mike Kijewski
Mike Kijewski

March 29, 2022

FDA’s Cybersecurity Authority in 2023

Today the FDA has issued a new final guidance on the Refuse to Accept (RTA) policy relating to cybersecurity in medical devices, specifically for “Cyber Devices” as defined in the newly-amended FD&C Act (Section 524B). In mapping its guidance to the new statutory authority, the FDA specifies what is expected when a submission is provided to the agency for review.

What does this mean for you? If you’re a company building a medical “cyber device”, it is now a requirement that you build your device to be secure by design, develop strategies to monitor and maintain the security of that device postmarket and for the life of the device, generate and maintain a software bill of materials, and generate the requisite documentation proving you’ve done so as part of your FDA regulatory submission.

When we started MedCrypt in 2016, we heard many healthcare stakeholders say that cybersecurity wouldn’t be an important topic in medical devices until the FDA made it so. The FDA’s announcement makes it clear that this day has come. If you have questions about what you can do to satisfy these new FDA requirements, please reach out to us at info@medcrypt.com. Keep an eye out for a more comprehensive analysis of this new guidance document, coming soon.

MedCrypt exists to help healthcare technology companies build products that are secure by design. We’re excited to help our industry bring innovative clinical technologies to patients today, while anticipating the cybersecurity challenges of tomorrow.

Follow MedCrypt on LinkedIn and Twitter and subscribe to our newsletter to stay up to date on the latest news in medical device cybersecurity.

Related articles

Top 5 Things People Get Wrong About SBOM Generation
This is some text inside of a div block.

Top 5 Things People Get Wrong About SBOM Generation

Vulnerability management
This is some text inside of a div block.
Tools & processes
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Jobe Naff
Jobe Naff

October 30, 2024

Cybersecurity in FDA CDRH’s Proposed Guidance List for Fiscal Year 2025
This is some text inside of a div block.

Cybersecurity in FDA CDRH’s Proposed Guidance List for Fiscal Year 2025

FDA readiness
This is some text inside of a div block.
Regulatory
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Axel Wirth
Axel Wirth

October 28, 2024

Meeting FDA Cybersecurity Requirements with Medcrypt Guardian & RTI Connext
This is some text inside of a div block.

Meeting FDA Cybersecurity Requirements with Medcrypt Guardian & RTI Connext

Company
This is some text inside of a div block.
Cryptography
This is some text inside of a div block.
Tools & processes
This is some text inside of a div block.
All authors
All authors

October 22, 2024

Subscribe to Medcrypt news

Get the latest healthcare cybersecurity news right in your inbox.

We'll never spam you or sell your information