Securing Connected Medical Devices to Ensure Regulatory Compliance and Customer Safety (Part One of Two)

Along with many industries, healthcare companies are developing an increasing number of devices with internet and network connectivity. Bringing a medical device to market requires a greater level of scrutiny than other connected products, however, because a cybersecurity breach to one of these devices may be life-threatening. “When we look at the product lifecycle management process, privacy and cybersecurity have to be an essential step that is addressed as an integral product feature,” Abhishek Agarwal, chief privacy officer for legal and compliance at Baxter International, told Cybersecurity Law Report. With input from outside counsel, in-house counsel and regulators, the first article in this series discusses the development and risks of connected devices and recommends pre-market steps companies should take, including questions to ask during a risk assessment and relevant laws and FDA guidance to consider. The second article will explore post-market considerations including breach response, adding connectivity to existing devices, the new proposed FDA post-market guidance and operational best practices. See also “Tackling Privacy and Cybersecurity Challenges While Fostering Innovation in the Internet of Things” (May 20, 2015).

To read the full article

Continue reading your article with a CSLR subscription.