STAT+: Medical device companies now need to prove to FDA they’re protected against cyberattacks

Hidden in this year’s federal spending bill lies a little-noticed change with big implications: a mandate to protect medical devices from hacks or ransomware attacks.

Mar 30, 2023 - 20:00
STAT+: Medical device companies now need to prove to FDA they’re protected against cyberattacks

Hidden in this year’s federal spending bill, among major changes to Medicare payments to doctors and post-pandemic Medicaid, lies a little-noticed change with big implications: a mandate to protect medical devices connected to the internet from hacks or ransomware attacks.

The law, which goes into effect Wednesday, explicitly states that companies cannot sell their connected medical devices without first showing the Food and Drug Administration a solid cybersecurity plan. It also gives the FDA $5 million to see a higher security standard through. Historically, the agency has lacked the resources to keep up with rapidly-evolving security threats, or the authority to force device makers to comply with its draft guidelines.

Continue to STAT+ to read the full story…

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow