Medical Device Cybersecurity Requirements are now LAW!
HealthCareInfoSecurity.com reported that “The $1.7 trillion omnibus spending bill signed into law last week by President Joe Biden contains new cybersecurity requirements for medical devices that make it a game changer for strengthening security within the healthcare ecosystem…” The January 4, 2023 report entitled “Exclusive: FDA Leader on Impact of New Medical Device Law” (https://tinyurl.com/mmbj6cc6) included these comments from Dr. Suzanne Schwartz (director of the Office of Strategic Partnerships and Technology Innovation at the U.S. Food and Drug Administration- FDA):
After a good number of years informing the ecosystem how critical cybersecurity is to patient safety and the security of the healthcare and public health critical infrastructure, we now have validation and acknowledgment of its criticality by having this put into law,…
Even though we have said over and over that cybersecurity of medical devices is not optional and not voluntary, we've never had until now the power of statute, of actual legislation, requiring manufacturers to address cybersecurity of medical devices,…
Putting that link between reasonable assurances of safety and effectiveness of medical devices to medical device cybersecurity - that is highly significant for us…
Seems like great news to me! What do you think?