CHIME, a professional association for chief information officers, and AEHiS, which represents chief information security officers, seek tighter control of medical devices for security purposes.
The organizations this week submitted comments to the Food and Drug Administration in response to the agency’s request last October for industry guidance on the content of premarket submissions for management of cybersecurity protections in medical devices.
The guidance is intended to provide recommendations to industry regarding cybersecurity device design, labeling and the documentation that the FDA recommends be included in premarket submissions for devices that have a cybersecurity risk.
Devices are part of an ecosystem, CHIME CEO Russell Branzell and AEHiS Chairman Sean Murphy told regulators in the joint comment letter.
“An infected device can serve as a beachhead for intruders intent of gaining entry to a healthcare provider’s network. Since devices are part of a larger healthcare technology ecosystem, it is important to recognize that patient safety threats being discussed extend well beyond medical devices, even if they originate there. Therefore, singling…
