FDAnews
www.fdanews.com/articles/188484-oig-fda-needs-to-better-integrate-cybersecurity-into-device-reviews

OIG: FDA Needs to Better Integrate Cybersecurity Into Device Reviews

September 19, 2018

The FDA needs to do more to ensure the cybersecurity of networked medical devices, according to a new report from the HHS Office of Inspector General.

The OIG acknowledged the FDA has been working to address cybersecurity threats, noting the agency currently considers known cybersecurity risks when reviewing devices and requests cybersecurity documents from manufacturers. But the OIG determined that cybersecurity checks are missing from two key tools in the premarket review process.

The agency’s “Refuse-to-Accept” checklists don’t include checks for cybersecurity, and the “Smart” template the agency uses to guide submission reviews — at the time of the OIG’s study — didn’t include any cybersecurity questions.

View today's stories