The FDA and Department of Homeland Security are stepping up efforts to protect patients from cybersecurity attacks on medical devices, according to a press release.
The two agencies announced a memorandum of agreement that formalizes a “long-standing relationship” between the FDA and DHS that encourages the agencies to share information about possible or actual medical device cybersecurity vulnerabilities and threats. This can lead to faster and better responses to threats to patient safety, the agencies stated.
“The FDA has been proactive in developing a robust program to address medical device cybersecurity concerns,” FDA Commissioner Scott Gottlieb, MD, said in the release. “But we also know that securing medical devices from cybersecurity threats cannot be achieved by one government agency alone. Every stakeholder has a unique role to play in addressing these modern challenges.”
Christopher Krebs, DHS’s undersecretary for the national protection and programs directorat, explained why his agency needs to coordinate with the FDA.
“Ensuring our ability to identify, address and mitigate vulnerabilities in medical devices is a top priority .... This agreement is another important step in our collaboration,” he said in the release. “DHS has some of the top experts on control systems technology, and we look forward to continuing to leverage this expertise for the sake of improving the lives and safety of people across the country.”
According to the press release, the agreement allows for the FDA to continue participating in regular, ad hoc and emergency coordination calls with DHS and advise DHS regarding the risk to patient health and the potential for harm posed by identified cybersecurity threats and vulnerabilities. DHS will continue coordinating medical device vulnerabilities and interfacing with appropriate stakeholders. The agency will consult the FDA for clinical and technical expertise regarding medical devices.
Disclosures: Gottlieb and Krebs report no relevant financial disclosures.