HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Bipartisan Legislation Introduced to Strengthen Cybersecurity for Medical Devices

A bipartisan billThe Strengthening Cybersecurity for Medical Devices Act – has been introduced which calls for the U.S. Food and Drug Administration (FDA) to review and update its guidelines on medical device cybersecurity more frequently to ensure devices are protected from potential hacking and cyberattacks.

The bill, introduced by Sen. Jacky Rosen (D-NV) and co-sponsored by Sen Todd Young (R-IN), calls for the Secretary of the Department of Health and Human Services (HHS), in consultation with the Director of the Cybersecurity and Infrastructure Security Agency (CISA), to provide updated guidance on medical device cybersecurity to FDA every year, and for the FDA to issue updated guidelines and suggestions on medical device cybersecurity at least every two years. The frequency of updates needs to be improved to ensure the guidelines remain current, especially considering the fast-evolving threat landscape and the extent to which the healthcare industry is being targeted by cyber threat actors.

“Medical devices are increasingly connected to the Internet or other health care facility networks to provide features that improve the ability of health care providers to treat patients,” said Sen. Young. “Our bill helps ensure medical devices are protected from cyberattacks and used safely and securely in order to reduce risks and vulnerabilities for patients.”

The bill also calls for the FDA to share information publicly about federal resources for healthcare professionals, medical device manufacturers, and health systems that will help them identify and address vulnerabilities and to ensure they can access appropriate support. The Strengthening Cybersecurity for Medical Devices Act also requires the Government Accountability Office (GAO) to compile a report on cybersecurity vulnerabilities affecting medical devices and to make recommendations for improving federal coordination to support cybersecurity for medical devices.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

“In light of increased cyber threats, we must strengthen the security of our health care system’s cyber infrastructure,” said Senator Rosen. “This bipartisan bill I introduced with Senator Young will ensure that medical devices and technologies are up to date with the latest cybersecurity, protecting patients and health care systems.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.