To more fully address the vulnerabilities of networked medical devices, the Food and Drug Administration should further integrate cybersecurity into the premarket review process for these devices.
That’s the finding of an audit by the Department of Health and Human Services’ Office of Inspector General.
Networked medical devices cleared or approved by the FDA, such as hospital-room infusion pumps and diagnostic imaging equipment, can be susceptible to cybersecurity threats if the devices lack adequate security controls, according to the OIG.