● Resolution. Demonstrable commitments to meeting the pre- and postmarket cybersecurity guidance are important for the FDA and for HDOs to have confidence in a device not compromising a HDO’s cybersecurity posture. Security methodologies, patch management documentation and verification/validation testing documentation can enable a healthcare system to more rapidly risk assess a device both at implementation and over the lifetime of a device.
The penalties are likely coming as regulators finalize draft cybersecurity guidance – in 2019 we will see how device vendors react to these requirements. HDOs collaborating with device vendors to meet FDA cybersecurity requirements will demonstrate a commitment to improving security throughout the entire healthcare community.
About the author: Mike Kijewski is the founder and CEO of San Diego-based MedCrypt, a company that encrypts data traveling to and from medical devices with just a few lines of code, ensuring they are Secure-by-Design to meet the FDA's newly updated cybersecurity guidelines.Back to HCB News
