FDA commitment to regulate cybersecurity continues.
The guideline draft “Content of Postmarket Submissions for Management of Cybersecurity in Medical Devices”, in fact, is now officially on line as completion of the already published in 2014 guideline “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices”.
Cybersecurity means to prevent risks caused by Medical Devices that, like other computer systems, can be vulnerable to security breaches, potentially impacting the safety and effectiveness of the device. This vulnerability increases as Medical Devices are increasingly connected to the Internet, hospital networks, and to other Medical Devices.
It is a long time that FDA is sensitive to the problem, faced in two ways: the guideline “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices” requires some relevant information to be submitted in pre-market procedures (510(k)s or PMAs, for instance), while in the draft “Content of Postmarket Submissions” post-market requirements are described.
For more information:
http://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm
http://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm482022.pdf
http://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm356190.pdf