On October 2, 2014, the FDA released a set of comprehensive guidelines governing the Content of Premarket Submissions for Management of Cybersecurity in Medical Devices. The guidelines are intended to provide direction for manufacturers of medical devices on how to appropriately safeguard devices from a potential security breach; particularly in light of the sensitive medical information such devices may store or transmit. The FDA passed down recommendations from identifying vulnerabilities at the manufacturing stage to protecting against unauthorized access, as well as suggestions on outfitting devices with appropriate incident response mechanisms. The guidelines placed significant emphasis on maintaining device functionality despite increased security, which may present a unique challenge to manufacturers.
Please read the full alert analyzing the guidelines here.