Monday, December 5, 2022
HomeLatest NewsFederal NewsFBI Recommends Action to Protect Vulnerable Medical Devices from Cyberattacks

FBI Recommends Action to Protect Vulnerable Medical Devices from Cyberattacks

The FBI recently released recommendations to help protect medical devices from cyberattacks that can threaten health care operations, patient safety, and data privacy and integrity, citing a growing number of unpatched medical device vulnerabilities.

“This past June, the AHA issued a letter of support to Congress for pending legislation known as the PATCH Act,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “The letter echoed the need for medical device manufacturers to implement increased cybersecurity requirements for medical devices. Cyber vulnerabilities in medical devices, often containing outdated legacy technology, have posed a significant cyber risk to hospitals. In 2017, the FBI reported that the North Korean WannaCry global health care ransomware attack was fueled by vulnerabilities in medical devices.

“The pending legislation would require medical device manufacturers to monitor and identify post-market vulnerabilities in a timely manner, develop a plan for coordinated vulnerability disclosure, provide lifetime cybersecurity support of the device and provide an accounting of all software contained in the device, including third party software.

“In the interim, it is good practice to increase cybersecurity requirements in medical device and medical technology business associate agreements. An excellent resource for medical technology model contract language can be found here.”

For more information on this or other cyber and risk issues, contact John Riggi at jriggi@aha.org

Stay Connected

Unified Voice Newsletter

Events This Month

december

06dec11:00 am12:00 pmEarly Childhood Comprehensive Systems (ECCS) CollaborativeSDAHO Webinar

07dec12:00 pm1:00 pmRoP Interpretative Guidance: Phase 2 and Phase 3 – Select F-Tag ReviewSDAHO Webinar

08dec11:00 am12:00 pmPain Management & Practice GuidelinesSDAHO Webinar

08dec12:00 pm1:30 pmRural Emergency Hospital Designation: The Known and the UnknownSDAHO Webinar

13dec12:00 pm1:00 pmSolving for Staffing Challenges with Flexible, Virtual Care ModelsAHA Webinar


By submitting this form, you are consenting to receive marketing emails from: SDAHO, 3708 W Brooks Place, Sioux Falls, SD, 57106, http://sdaho.org. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact