Last week, the Food and Drug Adminstration (FDA) closed the public comment period on the draft guidelines for Postmarket Management of Cybersecurity in Medical Devices.
FDA Postmarket Cybersecurity Guidance Respects Clinical Workflow
Topics: FDA, Healthcare Cybersecurity, Ransomware, Medical Device Security, Clinical Security, Clinical Information Systems, Medical Device ePHI
FDA's Draft Guidance: The Long and the Short Of It
People have been asking us all week for our opinions on the FDA's new postmarket cybersecurity draft guidance. All three of Virta Labs' founders have been active in this area, with extensive research in applied security and longstanding support for collaborative efforts:
- raising the flag on potential issues in 2008;
- demonstrating the first attacks on a medical implant;
- signal-injection attacks in the analog domain;
- building novel nonintrusive defenses;
- organizing a series of successful workshops to bring together stakeholders for constructive discussions;
- conducting meta-analysis of postmarket security monitoring; and
- educating the National Academy of Engineering and numerous government bodies about the risks and rewards of medical device security
We read the draft guidance so that you could tl;dr and get back to your own job. Here are the highlights, as we see them.
Topics: FDA, Healthcare Cybersecurity, Medical Device Security, Clinical Engineering, Healthcare IT, Clinical Information Security