New laws passed by the US government which came into effect on 29 March 2023 gives U.S. Food and Drug Administration (FDA) authorisation to require cybersecurity adjustments in submitted medical devices. The requirement will take effect 90 days from the law being passed, giving vendors until October 1, 2023, to prepare submissions meeting the new standards.

In its newly issued guidance for cyber devices, the FDA have said they intend not to issue ‘refuse to accept’ (RTA) decisions for cybersecurity shortcomings to vendors who submitted before this deadline. The agency plans to work collaboratively with sponsors as part of the review process to meet the new laws passed in the Consolidated Appropriations Act, 2023 by the US Senate.

By October this year, the FDA expects submissions to meet the new requirements, citing sponsors will have had sufficient time to prepare their premarket submissions. For submissions that do not tick the cybersecurity boxes, the FDA will duly issue RTAs.

Cybersecurity is becoming a more pertinent concern as more medical devices become connected to the internet, healthcare systems, and other digital devices. As connectivity and digital integration become an increasingly common feature in medical devices, security risks increase too. Data breaches are one of the main concerns – medical health records, insurance details and payment information could all be leaked.

Remote patient monitoring devices has become a highly scrutinised area due to their use by patients themselves inside home settings where digital security might be weaker.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

According to GlobalData, between 2020 and 2025, cybersecurity in medical devices is forecast to grow at a CAGR of 7.3% from $869mn to $1.23bn. Inextricably linked will be the money spent by healthcare providers and payors to ensure digital safety too – this will grow slightly faster at a rate of 8.1%, from $4.59bn to $6.77bn.