AHA Expresses Member Support for PATCH Act, Medical Device Security "In a letter addressed to Senators Bill Cassidy (R-LA) and Tammy Baldwin (D-WI), who first introduced the PATCH Act, the AHA said that the association and its members were committed to preventing cyberattacks and would support the PATCH Act’s intentions of doing the same via medical device security improvements." Why this is important: The American Hospital Association ("AHA") has announced its support of the PATCH Act, introduced this year as bicameral legislation aimed at enhancing cybersecurity of medical devices. The AHA consists of approximately 5,000 member healthcare organizations nationwide and represents the interests of a significant portion of the overall healthcare system in the United States. This is a positive step toward advancing the legislation and shows a growing level of industry support for the PATCH Act. Importantly, the AHA has identified additional industry concerns with the current draft language of the PATCH Act. In its letter to the two supporting Senators, the AHA recommended adding a provision to the PATCH Act to clarify that continuing FDA approval of cyber devices would not be jeopardized as manufacturers implement their device updates. Because so many hospital systems rely on legacy devices and systems, it will be critical to continuity of care that those in the industry be able to rely on their devices retaining approved status, even while security updates are rolled out. Including such a provision would certainly ease liability concerns among providers and practitioners in their day-to-day operations that rely on these systems. In addition, manufacturers would benefit from the clarification that their cyber devices would not need additional approvals after each round of patches and updates.
Please see full publication below for more information.