Cybersecurity in Medical Devices

LIVE WEBINAR - June 28 | 11:00AM EST

Draft FDA Guidance: Cybersecurity in Medical Devices

Understanding the Detailed Changes to the Current FDA Guidance for Cybersecurity for Medical Devices


In late April 2022, the Food and Drug Administration (FDA) issued an updated draft of its "Quality System Considerations and Content of Premarket Submissions" guidance to address cybersecurity for medical devices. The draft is in its comment period until July and is expected to be finalized by late 2022. The proposed changes will update and supersede the 2014 and 2018 Guidance documents. Online threats to the healthcare sector have become more frequent and more severe, carrying increased potential for clinical impact. Cybersecurity incidents have rendered medical devices and hospital networks inoperable, disrupting the delivery of patient care across healthcare facilities in the U.S. and globally.

Join us to gain an understanding of the changes being proposed in the cybersecurity program for medical devices and their potential impact on the medical product development process and on 510(k) pre-market submissions. Although this is a draft, it is worth understanding how many of these changes may help in safely operating medical device systems. These systems can include health care facility networks, other devices, and other interconnected components. As a result, ensuring device cyber safety and effectiveness is key to ensuring the safety and security of the patient.

Key Learning Points:

  • Process changes to medical device development
  • Impact on cybersecurity design and testing of devices and services
  • Requirements for 510(k) pre-submission and pre-market approval (PMA)
  • Determining whether you need to comment on the FDA draft guidance


Presenter:
John McDonald
Principal Consultant and Practice Manager for Mastering Risk and Compliance
TUV Rheinland of North America
John is a Principal Consultant and Practice Manager for TUV Rheinland of North America’s Mastering Risk and Compliance practice. He has over 40 years of experience in the IT industry with a primary focus on cybersecurity, and has assessed, designed and implemented cybersecurity, risk management and compliance programs with a focus on medical devices and healthcare environments for dozens of device manufacturers and healthcare organizations. He is familiar with most major medical device and healthcare-related standards and regulations, including ISO, NIST, IEC, UL, AAMI, US FDA, US HHS, EU MDR, MDSAP, IMDRF and Australia TGA. John is a CISSP and is CRISC certified.