“Smart” but Insecure: Improving Medical Device Cybersecurity
As “smart” medical devices continue to proliferate across the healthcare sector, healthcare organizations have been increasingly targeted by ransomware and other debilitating cyber attacks. These devices are often vulnerable to attacks, potentially allowing malicious hackers to steal patient data, modify medical exam results, or disrupt life-supporting machines. This project proposes that the Food and Drug Administration establish a clear list of cybersecurity requirements for medical devices to receive FDA approval, including the use of Device Query interfaces.
Click below to view various resources for navigating medical device cybersecurity, including two policy briefs proposing new cybersecurity standards and a sample FAQ sheet for the FDA to send to manufacturers and healthcare organizations explaining the minimum standards.