FDA Announces Playbook for Medical Device Cybersecurity

Linn Freedman
Robinson+Cole Data Privacy + Security Insider
Contact
LinkedIn
Facebook
X
Send
Embed

On October 1, 2018, the Food and Drug Administration (FDA) issued its “Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook” to address continued threats to medical devices that could affect patient safety.

The 32 page playbook, developed by MITRE Corp., states that “the purpose of the playbook is to serve as a tool for regional readiness and response activities to aid [healthcare delivery organizations] in addressing cybersecurity threats affecting medical devices that could impact continuity of clinical operations for patient care and patient safety.”

The objectives of the framework are to:

  • Provide baseline medical device cybersecurity that organizations can incorporate into their emergency preparedness and response
  • Assist with clarifying lines of communication and outline roles and responsibilities for internal and external responders
  • Offer a standardized approach to response efforts across organizations and regions
  • Provide enhances coordination activities among stakeholders
  • Provide information regarding decision making for escalated responses
  • Identify resources that can be leveraged for preparedness and response
  • Serve as a response tool that can be customized for regional preparedness that can be broadly implemented.

The playbook emphasizes that cybersecurity is a “team sport” and that patient safety is maximized with regional collaboration and information sharing. Part of the playbook recommends that regional partners must build trust relationships and share best practices with each other, develop mutual aid agreements, exchange point of contact information, conducting joint exercises, identify regional incident command/coordination center, and share cybersecurity advisories and alerts.

The playbook could also be a guide for states and municipalities on how to prepare for and respond to a cybersecurity threat beyond threats to medical devices as it outlines basic preparedness and response strategies. It is a virtual “how to” that can assist governmental and private entities alike. The playbook can be accessed here.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide