The US Food and Drug Administration (FDA) has recognized three new standards related to software security on medical devices. The standards address taking a total product lifecycle (TPLC) approach to medical device cybersecurity, data logging software use, and reasonable software testing.
The Center for Devices and Radiological Health (CDRH) announced on 6 November that it had recognized three consensus standards in the past month that may be used by sponsors of digital health products to give reviewers confidence in the product’s security. Over the past several years, the agency has published and updated a number of guidances on medical device software cybersecurity and promoted the use of internationally recognized standards…