PYA Principal Barry Mathis recently was quoted in “Medical-Device Security Has More Hurdles; ‘Zero Trust’ Is Option,” an article that discusses the security risks associated with connected medical devices, and provides an option to avoid common challenges and fight cybercrime.
“The FDA doesn’t test devices for cybersecurity before they go into circulation,” [Barry Mathis] notes. “The FDA approves them based on manufacturer testing. Some people say manufacturers can’t update the device, but yes, they can—they don’t want to. It’s not the FDA saying the medical device manufacturer can’t update the software.” It’s challenging for manufacturers as well because they have to ensure the anti-malware software and other security measures don’t interfere with the medical device’s function and reliability, Mathis explains.
Read the full article from the Report on Research Compliance on the Health Care Compliance Association’s (HCCA) COSMOS, an online platform for easy access to the latest compliance information.
If you have questions about healthcare IT advisory, or would like assistance with any matter involving compliance, valuation, or strategy and integration, contact one of our PYA executives below at (800) 270-9629.