To address growing concerns about cyber attacks and ransomware incidents, the Food and Drug Administration (FDA) has mandated new cybersecurity guidelines for medical devices. All new medical device applicants are now required to submit a cybersecurity plan outlining how they intend to “monitor, identify, and address” cybersecurity issues.

The FDA must also develop a process to ensure “reasonable assurance” that the device is secure from cyber threats. The FDA will require applicants to provide regular security updates and patches, as well as to disclose any open-source or other software used in their devices, according to CNN News.

In the past, the FDA has been chastised for not doing enough to address medical device cybersecurity concerns. FDA must now update its medical device cybersecurity guidance every two years, according to the bill.

According to a 2022 FBI report, more than half of digital medical devices and internet-connected products in hospitals had known vulnerabilities. Hackers could use these flaws to provide inaccurate readings, administer drug overdoses, or cause other risks to patient health.

Images: MidJourney, Prompts by Lewis Farrell

Interesting story? Please click on the 👍 button below!

Let us know your thoughts! Sign up for a Mindplex account now, join our Telegram, or follow us on Twitter.