Legacy medical devices are “a key vulnerability for hospitals and health systems,” related to cybersecurity, and device “manufacturers must support end-users in providing a secure environment for safe patient care,” AHA today told leaders of the House Committee on Energy and Commerce. “This support should include wrapping security precautions around these devices, adding security tools and auditing capabilities where possible, conducting regular updates and patching all software, and communicating security vulnerabilities quickly through consistent channels,” AHA said in response to a committee request for information on how best to keep medical devices secure over their useful lifetimes. Among other comments, AHA said that the Food and Drug Administration must make clear that security measures to protect legacy devices are required, not optional. “As a regulator, the FDA has a leadership role in creating expectations that manufacturers proactively minimize risk by building security into products by design, providing security tools to their end-users, and updating and patching devices as new intelligence and threats emerge,” AHA said.

Related News Articles

Headline
Community Health Improvement Week (June 1-5) celebrates people coming together to create healthier communities. And that's never been more important than now…
Headline
Thirty-three emerging hospital and health system leaders from 20 states will participate in the inaugural class of the AHA’s Next Generation Leaders Fellowship…
Headline
The Health and Public Health Sector Coordinating Council, a public-private partnership, yesterday released a crisis response guide to help health care…
Headline
The Healthcare and Public Health Sector Coordinating Council, a public-private partnership developed to mitigate threats to the nation’s health care sector,…
Headline
The AHA today debuted a new video that spotlights the value of membership in the AHA, including how the association is telling hospital and health systems’…
Headline
China and its proxies have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines…