AHA Wants Better Cyber Security for Medical Devices

The American Hospital Association wants device security protections to be "in line with state-of-the-art practice."
Published: December 2, 2014

The American Hospital Association (AHA) has sent a letter to the Food and Drug Administration (FDA), urging the agency to hold medical device manufacturers accountable for cybersecurity.

Specifically, the AHA wants device security protections to be “in line with state-of-the-art practice.” The organization is hoping the FDA will require manufacturers share information on cyber risk in the healthcare and public health sector.

“Medical device manufacturers must embrace their responsibility to proactively minimize risk and continue updating and patching devices as new intelligence and threats emerge,” wrote Linda Fishman, AHA senior vice president of public policy analysis and development. The letter was sent in response to the FDA’s request for public comments on collaborative approaches for medical device and cybersecurity.

Examples of the measures that device manufacturers should take include implementing appropriate access controls, logging systems and vulnerability remediation tools. The AHA claims manufacturers should not assume that end users with minimal resources, such as small hospitals, will have sophisticated security systems that can implement high-level controls.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

Medical devices have been identified as vulnerable to cyber security breaches.

Posted in: News

Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series