• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Compliance, Network Security, News

FDA to Regulate Medical Device Cybersecurity

A new law requires manufacturers of medical devices to ensure that their equipment and related systems are cybersecure.

January 19, 2023 TD Staff Leave a Comment

Electronic medical record with patient data and health care information in tablet. Doctor using digital smart device to read report online. Modern technology in hospital.
terovesalainen/stock.adobe.com

For years now, healthcare providers have been struggling with the cybersecurity issues posed by medical devices. One study released in December found that internet-connected medical devices have a 24% greater risk for cyberattacks.

However, a new federal law passed late last year offers some relief.

The Food and Drug Administration (FDA) now has the authority and $5 million to establish security requirements for pre-market medical devices. The new law requires the manufacturers of internet-connected medical machines to reasonably ensure that their equipment and related systems are cybersecure, reports Lawfare.

That means that all medical device submissions will soon be required to include a software bill of materials and evidence that demonstrates the product can be updated with software patches, reports SC Media.

The move is being applauded by much of the healthcare industry and cybersecurity community. However, the new law only applies to pre-market devices that are waiting for FDA approval. It’s also unclear when manufacturers will be required to comply with the new rules.

The cyber risks posed by medical equipment has been widely known for years. Back in 2015, security researchers warned hospitals and the public that thousands of medical devices were vulnerable to hacking. That equipment included MRI scanners, X-ray machines, and drug infusion pumps.

In 2020, the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to hospitals and other healthcare facilities about dozens of GE Healthcare imaging and ultrasound products used for CT scans, MRIs, mammograms, ultrasounds and positron emission tomography.

In late 2021, the FDA warned healthcare providers that widespread cybersecurity vulnerabilities in commonly used software could affect medical devices by allowing unauthorized users to take control. Other warnings have been issued over the years regarding the cybersecurity issues related to defibrillators, pacemakers.

The medical device security issues add to a growing list of cybersecurity challenges facing healthcare. According to one report, last year nearly 300 U.S. hospitals were impacted by ransomware attacks.

Cybersecurity breaches can result not only in the unauthorized sharing and use of patient and employee information, they can negatively affect patient care.

Another version of this article originally appeared on our sister-site CampusSafety on January 19, 2023. It has since been updated for My TechDecisions’ audience.

Tagged With: Cybersecurity, FDA, Medical device

Related Content:

  • Sony SRG A PTZ Cameras Sony Introduces Two New AI-Enabled PTZ Cameras
  • Microsoft Office 365 Government Secret cloud, MIcrosoft Microsoft Makes Office 365 Secret Cloud Available for…
  • Concept of File management. Searching files in database., 3d vector illustration. Gen Z vs. Baby Boomers: Which Generation Has…
  • DanteAV hero Audinate Dante AV Adoption Accelerates with New Partners…

Free downloadable guide you may like:

  • Blueprint Series Cover: What works for hybrid workBlueprint Series: What Works for Hybrid Work

    Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.