IMDRF Unveils Cybersecurity Guidance for Medical Devices

Devicemakers should assess cybersecurity risks and mitigations throughout the product lifecycle, the International Medical Device Regulators Forum says in a new draft guidance on principles and practices for medical device cybersecurity.

The IMDRF is calling for “convergence of global healthcare cybersecurity principles and practices”  and says the “current disparate regulations across governments lack the global alignment needed to ensure medical device cybersecurity.”

The guidance flags the shared responsibility for cybersecurity among stakeholders, noting that the increasing use of wireless and network-connected devices has resulted in a surge of cybersecurity incidents that have rendered devices and hospital networks inoperable.