Understanding the FDA Cybersecurity Go-Team

The U.S. Food and Drug Administration (FDA) recently unveiled the Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health, a comprehensive plan with the goal of assessing processes and procedures in order to enhance medical device security in an ever-evolving technological landscape. Medical device cybersecurity, while a relatively new area of concern, is an important undertaking. Cybersecurity is a growing concern in the world of medical devices, and for good reason—according to a recent report, the FDA “regulates over 190,000 different devices, which are manufactured by more than 18,000 firms in more than 21,000 medical device facilities worldwide.”

The Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health outlines several areas it will focus on, however, the area that zeroes in on cybersecurity, says its goal is, “to advance medical device cybersecurity.” Under this point, the FDA plans to introduce the CyberMed Safety Analysis Board, which is being hailed as a “Cybersecurity Go-Team” by the Wall Street Journal. This group will be prepared for medical device cybersecurity threats and investigate security breaches for those 19,000 medical devices in the marketplace.

The sheer amount of regulated medical devices means that there are likely to be serious implications of a cybersecurity attack. This is especially true for connected devices, including Class III implantable devices that connect to the internet and transmit patient information. According to the Wall Street Journal article, “Some of the industry’s challenges, such as the need to regularly update equipment that is used in the field for years on end, may be of interest more broadly… Medical devices present acute cybersecurity challenges because the machines and equipment can have a lifespan of up to 20 years and health-care providers often lack the funding and personnel to update them.”

The CyberMed Safety Analysis Board will be comprised of experts in hardware, networking and biomedical engineering and will “assess vulnerabilities, adjudicate disputes and investigate security problems.” The FDA says it proposed funding for the board in its 2019 budget, which starts Oct 1.

Where is this new concern for medical device security coming from? One answer is that it could possibly stem from the 2017 WannaCry attack that impacted hospitals in England. The cyberattack not only cost companies nearly $4 billion, but according to a Reuters article it also “knocked hospitals offline, forced thousands of patients to reschedule appointments and disrupted infrastructure and businesses around the world.” According to a report from the U.K.’s National Audit Office, some had to resort to pen and paper while their systems were offline.

The FDA’s The Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health will also focus on the following areas:

Establish a robust medical device patient safety net in the United States
Explore regulatory options to streamline and modernize timely implementation of post-market mitigations
Spur innovation towards safer medical devices
Advance medical device cybersecurity
Integrate the Center for Devices and Radiological Health’s (CDRH’s) premarket and post-market offices and activities to advance the use of a TPLC approach to device safety

The concerns of the medical device cybersecurity world continue to evolve and grow, but there are certain steps that organizations can work towards in order to become more secure and safe. Join us at the 3rd Annual Medical Device Cybersecurity Risk Mitigation Conference in Arlington, VA on July 16-17 as we explore the unique challenges facing device cybersecurity professionals, while focusing on strategic risk mitigation and ongoing product safety. Click here to reserve your spot today!

View Our Events

Join Our Mailing List

At Veranex, we can help you with concept through to commercialization by enabling:
• Accelerated speed to market
• Controlled development costs
• Development risk mitigation
• Market viability assessment

At every stage, we navigate our clients to realize efficiencies in cost and time with our integrated and comprehensive solutions.

Visit Sponsor Website

Since TrainingPros was founded in 1997, we have been dedicated to helping our clients find the right consultant for their projects. 25 years later, we are proud to have helped hundreds of clients complete their projects and thousands of consultants find great assignments. We continue to focus on helping our clients and consultants as well as our community as a certified women-owned, award-winning staffing company that works exclusively with Learning & Development professionals to match consultants to client projects.

Visit Sponsor Website

TELCOR is the proven leader of health care software solutions for revenue cycle management (RCM) software and services designed specifically for laboratories. TELCOR RCM, our SaaS solution, and TELCOR Revenue Cycle Services, our billing service, are designed to streamline workflow, improve collections, and provide real-time analytics. Our software and service solutions are designed for the unique challenges and requirements of laboratory specialties and the clients they serve. With full access to data, labs have complete visibility of their data and can track key performance indicators. No other vendor works as hard ensuring you get paid for the work you do.

Visit Sponsor Website

At Tipping Point Media, we pride ourselves on developing innovative, creative, and technically advanced virtual training and digital marketing solutions for the life sciences industry.

We push the limits of what's possible using Augmented and Virtual Reality to create revolutionary experiences proven to increase audience engagement and retention rates.

Our dedicated team of educators, medical experts, certified programmers, and digital renaissance innovators are committed to creating high-quality custom creations that bring your company's vision to life.

Visit Sponsor Website

VantagePoint Performance trains Salespeople to be more fluent and comfortable across different situations needing different sales approaches, and we train Sales Managers to be better coaches and team leaders, with more focus and less stress.

We’re different from the average sales training company because:

We don’t believe that one approach, one system, or one methodology is absolutely superior. All have something to offer, and the “best approach” or “best system” depends on the sales situation. This is what our applied, academic research tells us.
Our use of data science, specifically Machine Learning, helps us learn about our clients more meaningfully. We provide insights from each client’s data to help them understand what drives the success of their top-performing Salespeople and Sales Managers.
We are constantly feeding what we learn back into our training products, and we invest a bigger slice of our total energy into this innovation than the average sales training company. Our clients can access always-refreshed intellectual property and content through our training subscriptions.

Visit Sponsor Website

Policy Reporter, acquired by TrialCard in 2019, provides innovative healthcare software solutions to track payer policies in near real-time and enhances market access for the therapies patients need most. The company’s patented software-driven solutions include a suite of billing and reimbursement tools for providers and laboratories, market intelligence tools for payers, and a suite of market access solutions for life science companies. Its clients include some of the world’s largest pharmaceutical and healthcare companies.

Visit Sponsor Website