Medical Device Premarket and Post market Cyber security following the new FDA Guidances
Duration: 60 Minutes
Medical devices, like other computer systems, can be vulnerable to security breaches, potentially impacting the safety and effectiveness of the device. This vulnerability increases as medical devices are increasingly connected to the Internet, hospital networks and to other medical devices. This webinar will describe a program that will minimize risk to the user from cyber attacks.
All medical devices carry a certain amount of risk. The FDA allows devices to be marketed when there is a reasonable assurance that the benefits to patients outweigh the risks. While the increased use of wireless technology and software in medical devices also increases the risks of potential cyber security threats, these same features also improve health care and increase the ability of health care providers to treat patients.
Addressing cyber security threats, and thus reducing information security risks, is especially challenging. Because cyber security threats cannot be completely eliminated, manufacturers, hospitals and facilities must work to manage them. There is a need to balance protecting patient safety and promoting the development of innovative technologies and improved device performance.
Objectives of the Presentation
Why Should you Attend
- What is cybersecurity
- Current cybersecurity threats to medical devices
- FDA's perspectives on the roles of medical device suppliers in cybersecurity management
- Developing robust security mitigations to incorporate into your device design
- How to maintain a compliant program
- Cybersecurity risk analysis
- Information sharing groups(ISAO)
- Interfacing with network users
- FDA conditions for not reporting cybersecurity problems
Medical device cybersecurity has become very important to the FDA. They have issued two recent guidances on the subject, the latest in December 2016.
FDA expects a proactive extensive risk based program to minimize risk to the user from cyber attacks including involvement with information sharing groups. The company must establish a program where they identify, analyze and control cybersecurity risks. A formal special hazard analysis must be conducted for each risk. Communication of risks must be sent to device users. A complex set of reporting requirements has been established with some exceptions established. This webinar will describe a program that will be compliant to the FDA requirements.
Who will Benefit
- Medical device company CEOs/Presidents/Managing Directors
- Hospital Risk Managers
- Clinical Department Heads
- IT security professionals
- Engineering Manager
- Regulatory Personnel
- Development Engineers
- Production Management
- QA/QC Personnel
- Software Developers
- Usability engineers
- Risk managers
- Design Engineering Managers