Medical Device Legal News with Sam Bernstein: Episode 11
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more
The US Food and Drug Administration (FDA) recently issued its draft guidance, Artificial Intelligence-Enabled Device Software Functions: Lifecycle Management and Marketing Submission Recommendations on January 7, 2025....more
On July 16, 2024, the California Privacy Protection Agency (the “CPPA”) board declined to advance to formal rulemaking California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments,...more
The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the CPPA has not officially started the formal...more
The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the Agency has not officially started the formal...more
Following the introduction of the Age-Appropriate Design Code (the Code) on 2 September 2021, companies have questioned whether the Code applies to their online service. A recent consultation by the ICO seeks to clarify when...more
On March 15, the U.S. Food and Drug Administration (FDA) issued revised draft guidance summarizing how it intends regulate the use of electronic systems, records, and signatures in clinical investigations to account for...more
The U.S. Food and Drug Administration (FDA) issued updated draft guidance, “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions,” which aims to help industry take a more...more
In this month's edition, we examine the European Commission's Digital Services Act and its potential regulatory impact, the National Institute of Standards and Technology's draft guidance on internet-of-things devices'...more
NIST recently released the final public draft of SP 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171 (formerly Draft NIST SP...more
On January 7, 2019, the federal Office of Management and Budget (OMB) released a draft of a memorandum setting forth guidance to assist federal agencies in developing regulatory and non-regulatory approaches regarding...more
Bloomberg Law reported this week that California Attorney General Xavier Becerra expects to issue draft regulations for the California Consumer Privacy Act (CCPA) in October....more
The Food & Drug Administration has recently released for comment a draft expansion of guidance regarding Content of Premarket Submissions for Management of Cybersecurity in Medical Devices. Although the FDA issued existing...more
The U.S. Food and Drug Administration (FDA) is moving aggressively in the month of October to continue to raise concerns about cybersecurity risks to medical devices, with three recent updates. The FDA just released new draft...more
In March 1997, the Food and Drug Administration ("FDA") published a final rule, codified in 21 CFR Part 11 ("Part 11"), establishing the privacy, security, and reliability criteria for electronic records and electronic...more