Connect with us

Hi, what are you looking for?

Tuesday, May 30, 2023
Mugglehead Magazine
Alternative investment news based in Vancouver, B.C.

Health and Safety

FDA to reject medical device applications without cyberattack protection plans

As many as 40 per cent of end-of-life devices have no protection at all against cyberattacks

FDA to reject medical device applications without cyberattack protection plans
An insulin pump. Image by cogdogblog via Wikimedia Commons.

The United States Food and Drug Administration (FDA) will be taking a stronger stance on the cybersecurity of medical devices and refuse those that do not have protection against cyberattacks.

The agency published a guidance document end of March where it stated it would collaborate with sponsors of premarket submissions as part of the interactive or deficiency review process if they were submitted prior to the March 29 date.

Over half of digital medical devices and internet-connected tools in United States hospitals face cyberattack risks, according to a Federal Bureau Investigation (FBI) report released in 2022.

Each of the medical devices presently on the market has on average 6.2 vulnerabilities to cyberattacks, according to the 2022 FBI report. Security issues led to recalls of insulin pumps and pacemakers since then.

As many as 40 per cent of end-of-life devices have no protection at all against attacks, according to the report.

These health devices include insulin pumps, intracardiac defibrillators and pacemakers, according to the list given by the FBI.

The Insecurity of Connected Devices in HealthCare 2022 Report key findings. Image via Cynerio.

Read more: K92 Mining sets new record with annual revenue of US$188.2M

Read more: Abbott partners with blood center cooperative to introduce mixed reality tech for better blood draws

The FDA places the onus on sponsors to prove devices are safe

The Consolidated Appropriations Act was signed into law on Dec. 29, 2022. Section 3305 of the Omnibus called “Ensuring Cybersecurity of Medical Devices” amended the Food, Drug and Cosmetic Act by adding section 524B, Ensuring Cybersecurity of Devices. The amendments to the act take effect on March 29, 2023.

FDA approval for future digital medical devices will require sponsor’s to provide evidence that their products are safe against cyberattacks. It will also include a submitted plan to monitor, identify and address any vulnerabilities and threats the device may have.

There have been no noted attacks on medical devices yet, but over half of all hospitals have been targeted with ransomware, and this has had a negative effect on patients.

According to a 2022 research report released by healthcare IoT security firm Cynerio, 76 per cent of hospitals have experienced a cyberattack, usually with ransomware were attacked three more or times. Another 47 per cent of these hospitals paid the ransom. Another 43 per cent of hospitals have suffered a data breach in the past two years and finally 24 per cent of hospitals attacked noted a rise in mortality rates.

Previously submitted devices for premarket approval will not receive a refusal to accept from the FDA until Oct. 1, 2023. Instead, the FDA will work with the manufacturers and sponsors to get the relevant information to assess any safety concerns.

The guidance is only valid until 2025. The omnibus bill also requires the FDA to continually update its cybersecurity guidance to keep up with updates to technology and emerging threats.


Follow Mugglehead on Twitter

Like Mugglehead on Facebook

Follow Joseph Morton on Twitter

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

AI and Autonomy

WELL has already placed numerous investments in early-stage companies that provide tools, including AI, for healthcare providers in Canada

Cyber Security

Mandiant's investigations revealed extensive cyber espionage and information operations before and after Russia's invasion of Ukraine

Health & Wellness

The technology creates virtual environments where medical devices can be easily tested and validated

Health & Wellness

Gamification helps produce positive outcomes in both learning and operative care