GAO says: Revise FDA cyber deal to update medical devices.

December 28, 2023
1 min read

The Government Accountability Office (GAO) has recommended that the Food and Drug Administration (FDA) update its five-year-old medical device cybersecurity agreement with the Cybersecurity and Infrastructure Security Agency (CISA). The update is necessary to address cybersecurity vulnerabilities in heart monitors and other medical devices. While the FDA has increased its oversight of medical device cybersecurity, it has not determined additional cybersecurity authorities, according to the GAO. The FDA and CISA have accepted the GAO’s recommendations.

The GAO notes that available data on cybersecurity incidents in hospitals do not show that medical device vulnerabilities have been commonly exploited. However, the Department of Health and Human Services (HHS) still considers medical devices a source of cybersecurity concern that warrants significant attention and can introduce threats to hospital cybersecurity. The GAO’s recommendation for an updated agreement reflects the need to proactively address potential vulnerabilities and protect patient safety.

Latest from Blog

Top VPN’s privacy claims confirmed by independent auditors

TLDR: Independent auditors from Deloitte Romania confirmed CyberGhost VPN’s privacy claims through a detailed audit of their systems. Auditors found that CyberGhost’s no-logs infrastructure works as expected, ensuring user data privacy. Independent