AHA Wants Better Cyber Security for Medical Devices

The American Hospital Association wants device security protections to be “in line with state-of-the-art practice.”

The American Hospital Association (AHA) has sent a letter to the Food and Drug Administration (FDA), urging the agency to hold medical device manufacturers accountable for cybersecurity.

Specifically, the AHA wants device security protections to be “in line with state-of-the-art practice.” The organization is hoping the FDA will require manufacturers share information on cyber risk in the healthcare and public health sector.

“Medical device manufacturers must embrace their responsibility to proactively minimize risk and continue updating and patching devices as new intelligence and threats emerge,” wrote Linda Fishman, AHA senior vice president of public policy analysis and development. The letter was sent in response to the FDA’s request for public comments on collaborative approaches for medical device and cybersecurity.

Examples of the measures that device manufacturers should take include implementing appropriate access controls, logging systems and vulnerability remediation tools. The AHA claims manufacturers should not assume that end users with minimal resources, such as small hospitals, will have sophisticated security systems that can implement high-level controls.

Medical devices have been identified as vulnerable to cyber security breaches.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

robin hattersley headshot

Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo