Legacy medical devices are “a key vulnerability for hospitals and health systems,” related to cybersecurity, and device “manufacturers must support end-users in providing a secure environment for safe patient care,” AHA today told leaders of the House Committee on Energy and Commerce. “This support should include wrapping security precautions around these devices, adding security tools and auditing capabilities where possible, conducting regular updates and patching all software, and communicating security vulnerabilities quickly through consistent channels,” AHA said in response to a committee request for information on how best to keep medical devices secure over their useful lifetimes. Among other comments, AHA said that the Food and Drug Administration must make clear that security measures to protect legacy devices are required, not optional. “As a regulator, the FDA has a leadership role in creating expectations that manufacturers proactively minimize risk by building security into products by design, providing security tools to their end-users, and updating and patching devices as new intelligence and threats emerge,” AHA said.

Related News Articles

Headline
The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology today released an updated Trusted Exchange…
Headline
The AHA today voiced support for the Recovering Excessive Funds for Unused and Needless Drugs Act (S. 551), legislation that would incentivize manufacturers to…
Headline
The Federal Trade Commission will hold a public workshop June 18 in Washington, D.C., to assess the impact of certificates of public advantage on health care…
Headline
In a letter to the editor, AHA today expressed concerns with a recent Modern Healthcare article presenting the findings of a study on health system…
Chairperson's File
During this National Minority Health Month, I encourage you all to learn more about the health status of racial and ethnic minority populations in the U.S. and…
Headline
The Medicaid and CHIP Payment and Access Commission yesterday recommended that Congress change the definition of Medicaid shortfall to exclude costs and…