Medical Device Manufacturers Must Increase Cybersecurity: FDA Suggests

Patient's safety is always the priority of the U.S. Food and Drug Administration (FDA). The increasing concern of the industry led the agency to urge the manufacturers to tighten the cyber security of the medical devices they produce.

Medical devices such as heart's pacemakers and infusion pumps are usually linked on the internet or in the hospital's network which made them vulnerable to hacking, that might put the safety and security of the patients in danger.

The U.S. FDA instructed the manufacturers to regularly track their products and act on the cyber security threats immediately -- of which they are encountering, as posted on Tech Times. They will allow the manufacturers to fix the issues raised to them without informing the agency within 30 days after notification of the threat.

However, they are required to inform the federal agency as soon as possible, especially if the cyber security threat can potentially compromise the patient's safety. FDA also recommends that aside from the manufacturers -- being vigilant about the safeguard of their products -- health care facilities and hospitals must also evaluate the security of their network to protect their hospital system.

Furthermore, according to Information Week Dark Reading, to intensify cyber security, the FDA issued draft guidelines for medical device makers that focus on cyber security threats intelligence-sharing through Information Sharing Analysis Organizations, which include security best practices, vulnerability disclosure and remediation programs.

The FDA guidance will be explained thoroughly during a cyber security workshop -- titled as "Moving Forward: Collaborative Approaches to Medical Device Cybersecurity" -- scheduled on Jan. 20 to 21 at the health agency's Silver Spring, Maryland headquarters. The consumers are allowed to comment regarding the content of the document for 90 days.

On the other hand, the "I Am The Cavalry" group also published the "Hippocratic Oath for Connected Medical Devices," which aims to encourage medical device makers to ensure that their equipment is safe and that healthcare providers must also see to it that they purchase a secured equipment and they know how to store it accordingly.