Cyber Security in Medical Devices

In 2014, there was cyber security guidance given to manufacturers on how to securely design developed medical devices. In 2016, there was additional guidance given around what the responsibility is from a manufacturer to secure that device after it's been sold. What this newer law now explicitly stating is that regardless of what the existing regulation technically requires, they are not going to explicitly require these types of cyber security activities because they want to bake security into the actual device.