New responsibilities for cybersecurity in medical devices were published by the FDA on September 27th, 2023. These responsibilities such as periodic cybersecurity testing and reevaluation every six months, as well as other added cybersecurity activities are outlined in the updated guidance.

Examples of cybersecurity activities for medical devices include penetration testing, threat modeling, effectiveness of security mitigations, bugs to vulnerabilities, software updates and multiple others. This bolstered expectation for medical device cybersecurity is likely to increase a medical device manufacturer’s labor demand and cost realities.

For assistance familiarizing your company with the new guidance and planning to meet the new demands in the most cost efficient way, contact DPDC to start planning! Reach out now for a free consultation.

To see the document recently published by the FDA regarding medical device cybersecurity, click here. For a summary about the new guidance, click here.