The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Bipartisan Legislation Introduced to Strengthen Cybersecurity for Medical Devices

Posted By on Jun 17, 2022

A bipartisan billThe Strengthening Cybersecurity for Medical Devices Act – has been introduced which calls for the U.S. Food and Drug Administration (FDA) to review and update its guidelines on medical device cybersecurity more frequently to ensure devices are protected from potential hacking and cyberattacks.

The bill, introduced by Sen. Jacky Rosen (D-NV) and co-sponsored by Sen Todd Young (R-IN), calls for the Secretary of the Department of Health and Human Services (HHS), in consultation with the Director of the Cybersecurity and Infrastructure Security Agency (CISA), to provide updated guidance on medical device cybersecurity to FDA every year, and for the FDA to issue updated guidelines and suggestions on medical device cybersecurity at least every two years. The frequency of updates needs to be improved to ensure the guidelines remain current, especially considering the fast-evolving threat landscape and the extent to which the healthcare industry is being targeted by cyber threat actors.

“Medical devices are increasingly connected to the Internet or other health care facility networks to provide features that improve the ability of health care providers to treat patients,” said Sen. Young. “Our bill helps ensure medical devices are protected from cyberattacks and used safely and securely in order to reduce risks and vulnerabilities for patients.”

The bill also calls for the FDA to share information publicly about federal resources for healthcare professionals, medical device manufacturers, and health systems that will help them identify and address vulnerabilities and to ensure they can access appropriate support. The Strengthening Cybersecurity for Medical Devices Act also requires the Government Accountability Office (GAO) to compile a report on cybersecurity vulnerabilities affecting medical devices and to make recommendations for improving federal coordination to support cybersecurity for medical devices.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

“In light of increased cyber threats, we must strengthen the security of our health care system’s cyber infrastructure,” said Senator Rosen. “This bipartisan bill I introduced with Senator Young will ensure that medical devices and technologies are up to date with the latest cybersecurity, protecting patients and health care systems.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist