IMDRF Draft Guidance is Available for Comment until December 2, 2019
The International Medical Device Regulators Forum released a draft guidance on cybersecurity in early October, and it will be available for public comment until December 2nd. The guidance reinforces the role of the total product lifecycle approach in the management and mitigation of cybersecurity risk associated with medical devices with software as a constituent component and software as a medical device (SaMD). The key process centers on risk management following ISO 14971, the ISO standard for risk management as applied to medical devices. As part of their risk management process, manufacturers should
- Identify any cybersecurity vulnerability,
- Estimate and evaluate the associated risks,
- Control those risks to an acceptable level, and
- Monitor the effectiveness of the risk controls.
Read the full guidance here, and submit comments using the template and instructions on the guidance page.
You can read Part II of this series here.
Reach out to me if you want to know more or discuss your medical product development challenges.
https://calendly.com/katrinarogers
Text Copyright © 2019 Katrina Rogers