miércoles, 1 de octubre de 2014

CDRH Industry: ANNOUNCING Final Guidance and FDA Webinar, “Content of Premarket Submission for Management of Cybersecurity in Medical Devices”

Today the Food and Drug Administration (FDA) issued a final guidance document, “Content of Premarket Submission for Management of Cybersecurity in Medical Devices.”  This guidance identifies issues related to cybersecurity that manufacturers should consider in the design and development of medical devices and in preparing premarket submissions.
The need for effective cybersecurity to assure medical device functionality and safety has become more important with the increasing use of wireless, Internet- and network- connected devices, and the frequent electronic exchange of medical device-related health information.
This guidance applies to premarket medical device submissions received beginning October 1, 2014.
We are recommending that manufacturers include the following types of information, when appropriate, in the premarket submission:
  • A justification of the security functions chosen for their medical devices;
  • A list of cybersecurity risks considered in the medical device’s design;
  • A matrix that traces those risks considered to the appropriate controls; and,
  • A systematic plan for providing patches and updates to operating systems or medical device software.
On October 29, 2014, the FDA will hold a webinar to explain the guidance and to provide a forum for asking questions you may have.  Registration is not necessary.  

Webinar Details:
Date:  Wednesday, October 29, 2014
Time: 2:00 PM – 3:30 PM, Eastern Time
To ensure you are connected, log-in by 1:45 PM.

To hear the presentation and ask questions:
Dial: 888-456-0356; passcode:  9748303

To view the slide presentation during the webinar:
Conference number: PW8952921
Passcode: 9748303

Following the webinar, a transcript, recording and slides will be available at:

Please Note: the slide presentation will also be available at this site on the morning of the webinar.
Cybersecurity is shared responsibility among many stakeholders. On October 21 and 22, we, along with the Department of Homeland Security and the Department of Health and Human Services, are holding a public meeting, Collaborative Approaches for Medical Device and Healthcare Cybersecurity with the goal of encouraging collaboration among stakeholders, identifying challenges and discussing  strategies and best practices for promoting medical device cybersecurity.  We welcome your input as we move forward.

If you have questions/concerns, please contact the Division of Industry and Consumer Education (DICE) in the Center for Devices and Radiological Health (CDRH) at 1-800-638-2041, 301-796-7100 or dice@fda.hhs.gov.

Food and Drug Administration
Center for Devices and Radiological Health

No hay comentarios: