The US Food and Drug Administration has issued a final guidance addressing the cyber vulnerabilities in medical devices, outlining how manufacturers should maintain security of internet-connected devices such as pacemakers and insulin pumps.
The FDA said manufacturers must build cybersecurity controls into medical devices during the development process. Further, they should establish, document and maintain the identification of hazards throughout the device lifecycle as part of risk management.
"Today’s post-market guidance recognizes today’s reality: Cybersecurity threats are real, ever-present and continuously changing," said Suzanne Schwartz, the FDA’s associate director for science and strategic partnerships. "As hackers become more sophisticated, these cybersecurity risks will evolve."
US Food and Drug Administration, FDA, Medical, Cyber, US