The U.S. FDA is being pressured to ensure that medical device manufacturers are keeping their products safe from potential cyberattacks.
As the risk of cyberattacks on medical devices continues to mount, the Food and Drug Administration isn’t doing enough to ensure device makers include adequate security in their products, experts say.
They charge that part of the problem is that the agency lacks the funds and the trained personnel to evaluate the cyber risk the devices carry and enforce the rules it does have on the books for approving devices.
“I’ve spoken to device manufacturers, specifically product security people at device manufacturers, saying that they’ve been telling their organizations for the last year or two that they need to include cybersecurity as part of their submissions or else they’re going to get rejected,” said Mike Kijewski, CEO of medical device cybersecurity firm MedCrypt. “Yet for some of their recent submissions, they didn’t have a lot of cybersecurity documentation and they still got accepted by the FDA.”
Read the full article at MedTech Dive.