The FDA recently put out a new Draft Guidance, entitled "Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions." The document expanded widely on the guidance shared in 2018, with the FDA recognizing the need to integrate security early in the device lifecycle and showing that their approach has matured to focus on security holistically.
MCRA's Lauren White, Associate Director of Healthcare Information Security & Strategy, has created a high-level overview of the guidance and broken out the key considerations that you need to know. Some key points include:
- Holistic security - incorporating security by design at the beginning of the device lifecycle.
- Integration of cybersecurity into quality system regulations.
- Removal of risk tiers encouraging ALL manufacturers to appropriately consider cybersecurity risks for their devices.
Lauren White and Dan Goldstein, Director of Quality Assurance, have also collaboratively written the following article, "FDA Cybersecurity Update Takes Aim at Medical Device Quality Systems", that discusses how this guidance will really affect your company, your technology and Quality System moving forward.
We know this new guidance can be overwhelming to read and ensure your technology is meeting the correct standards - so we are here to help. MCRA's experts can support your Cybersecurity & Quality Assurance needs. Please reach out to Erinn Grable, Senior Associate, Business Development to schedule a call for more information.