FDA formulates fresh guidelines to protect Medical Devices against Cyber Attacks


The US Food and Drug Administration (FDA) department has issued a new set of guidelines which have to be followed by medical device manufacturers supplying equipment to government and private agencies. The recommendations are made to maintain the security of internet connected devices when they reach hospitals, patient homes and patient bodies.

It is a known fact that unsecured devices are vulnerable to cyber attacks making hackers tamper data related to the delivery of medication by the device. This could not only harm patients but in cases, could lead to serious consequences such as patient’s death.

Thus, based on the recommendations of last January, the US FDA has issued a 30-page document which encourages manufacturers to keep a track of their devices and associated software for bugs and other such problems. 

After receiving numerous complaints from patients seeking medical assistance, FDA has warned the entire healthcare industry that medical devices are vulnerable to cyber attacks. People and agencies using Pacemakers, defibrillators, and insulin pumps are said to be at a high risk.

Therefore, as poorly secured devices could give cyber criminals access to hospital networks and critical data, identity theft is on rising.
In order to prevent cyber espionage, FDA has come up with certain guidelines which from now on have to be practiced by those manufacturing medical devices.

The FDA issued a set of guidelines for manufacturers building cyber security protection in medical devices in October 2014.
Now, the medical administration has come up with the latest set of stipulations after considering the evolution of cyber threats in recent times.

Hence, with the latest set of rules, FDA is attempting to keep the healthcare sector safe and secure from cyber threats.

FDA has also made it clear that more such policies will come into place in future to address cyber security concerns to the fullest.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display