September 16, 2021

Volume XI, Number 259

Advertisement

September 16, 2021

Subscribe to Latest Legal News and Analysis

September 15, 2021

Subscribe to Latest Legal News and Analysis

September 14, 2021

Subscribe to Latest Legal News and Analysis

September 13, 2021

Subscribe to Latest Legal News and Analysis

FDA Appointment Signals Increased Attention on Medical Device Cybersecurity

At the beginning of February, the US Food and Drug Administration (FDA) Center for Devices and Radiological Health (CDRH) appointed Professor Kevin Fu as the first ever Acting Director of Medical Device Cybersecurity. Fu’s role also includes a one-year appointment with the Digital Health Center of Excellence (DHCoE), a division launched in September 2020 within CDRH.  Many see this new appointment as an indication that the Agency will make cybersecurity a priority in 2021.

In this role, Fu reportedly hopes to bring together the various cross-functional subject matter experts involved in medical device development, and specifically to give software security experts a seat at the table, along with the medical and legal experts.  Likely to be on his agenda include updates to the Agency’s guidance on the (i) content of premarket submissions for management of cybersecurity in medical devices, and (ii) content of premarket submissions for software contained in medical devices.  Both guidance topics were identified sas “A-list” priorities for 2021, along with a much-anticipated final guidance on clinical decision support software.

The Center, now working under the Biden-controlled agency, will have to balance its goal of advancing the ball on cybersecurity along with other high-priority items, such as developing a transition plan for medical devices distributed under Emergency Use Authorizations and authorizing over-the-counter (OTC) at-home COVID-19 diagnostic tests and tests that can detect emerging variants of the SARS-CoV-2 virus.  As more and more medical devices are becoming interconnected to create sophisticated medical systems, there is a corresponding increased risk of security vulnerabilities that could impact patient health and safety.  Stakeholders may find 2021 to be an opportunity to meaningfully engage with the Agency to help shape cybersecurity policy and the regulatory framework.

Copyright © 2021, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XI, Number 40
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Allison Fulton DC SheppardMullin Shareholder Life Sciences FDA
Shareholder

Allison Fulton is a partner in the Life Sciences and FDA team and is based in the firm's Washington, D.C. office. Allison advises life sciences companies, including pharmaceutical, medical device, dietary supplement, food and cosmetic companies, in matters relating to the development, manufacture, and marketing of products regulated by the U.S. FDA.

Areas of Practice

Allison’s areas of focus include assisting U.S. and international companies comply with current Good Manufacturing Practice (GMP) and the Quality System Regulation (QSR). She regularly advises...

202.747.2195

Julia Kadish is an attorney in the Intellectual Property Practice Group in the firm's Chicago office.

Areas of Practice

Julia's practice focuses on data breach response and preparedness, reviewing clients' products and services for privacy implications, drafting online terms and conditions and privacy policies, and advising clients on cross-border data transfers and compliance with US and international privacy regulations and standards. She also workes on drafting and negotiating software licenses, data security exhibits, big data licenses, professional...

312.499.6334
Advertisement
Advertisement
Advertisement