Other Proposed Laws to Address Medical Device Cybersecurity
Unlike most other measures being considered on Capitol Hill, the bill appears to have bi-partisan support with co-sponsors from both sides of the aisle. A similar bill has been introduced in the Senate that also has bipartisan support.
The PATCH Act would require all premarket submissions for medical devices to include details of the cybersecurity protections that have been implemented.
Federal Agency Guidelines to Address Medical Device Cybersecurity
Unless there is action at the federal level, consumers will have to rely upon cybersecurity guidance from the Food and Drug Administration issued for medical device manufacturers.
The Health and Cybersecurity Working Group has developed a “MedTech Vulnerability Communications Toolkit” based upon the FDA’s best practices guide for communicating medical device vulnerabilities to patients and caregivers.
While the guidelines and toolkits are beneficial, they lack the power of law to require medical device manufacturers to follow the recommendations.