FDA-DHS Collaborate to Mitigate the Risks of Medical Device Cybersecurity


The U.S. Food and Drug Administration (FDA) along with the Department of Homeland Security (DHS) presented a memorandum of agreement to make use of a new system for better cooperation and improving coordination of their endeavors to increase healthcare device safety.

The cybersecurity vulnerabilities in healthcare devices is a rising issue considering that hackers can take advantage of these vulnerabilities and possibly cause harm to patients. Seeing that more medical devices are able to connect to healthcare networks today, it is really crucial that there are adequate safety measures in place to ensure the safety of patients, to detect and abate threats without delay.

Because of the potential vulnerabilities of medical devices, attackers could exploit them to enter healthcare networks and get sensitive data. More cyberattacks can be introduced to hinder giving patient care. It is likewise possible that hackers would intentionally cause harm to patients, but as of late there’s no report of such incidents.

The FDA and DHS are aware of the reality of threats caused by vulnerable medical devices, for that reason they are working hard to strengthen cybersecurity. The new MOA is one vital venture of the two agencies.

The FDA is working on a solid plan to take care of medical device cybersecurity problems, however FDA cannot resolve it on its own. With the new MOA, the two agencies are going to share information with each other to improve understanding of new risks to medical device safety. Every time vulnerabilities are detected, the two agencies will work directly to analyze the threat to patient safety caused by the device flaws. The agencies will similarly organize the review of the vulnerabilities.

As the two agencies are working with each other, it would help them avoid duplication of activities. Detecting and mitigating risks becomes more successful. The discovery of medical device vulnerabilities will still be under the central coordination of DHS via the National Cybersecurity and Communications Integration Center (NCCIC). DHS is responsible for managing information sharing with the FDA, medical device manufacturers and privacy researchers.

The FDA’s Center for Devices and Radiological Health possesses extensive technical and clinical competence for assessing the risk that medical devices vulnerabilities have on patient health and the likelihood of harming the patients. When facts are available, it will share them with DHS through regular, ad hoc, and urgent calls.