New FDA Guidance On WiFi-Managed Infusion Pumps Is Cybersafe And Cybersecure

Jun 4, 2021

HarborLabs’ CEO, Nick Yuran, was recently interviewed about misconceptions and concerns around the FDA’s new policies on wireless management of infusion pumps. Here are his thoughts regarding the interview and the overall risks involved.

Nick Yuran

Chief Executive Officer
I was recently interviewed by a prominent medical publication on my thoughts on the FDA’s new policies on wireless management of infusion pumps. This new regulatory guidance allows infusion pump manufacturers to make limited modifications to the wireless capability of their devices without having to initiate a new 510(k) submission process. The goal is to allow for more effective and efficient remote wireless management of deployed devices by the available clinical staff. In this interview, the journalist wanted to understand the inherent security risks and threats to patient health in allowing such unregulated activities by the medical device industry.
 
I first had to politely correct the interviewer’s premise. The regulatory science behind the FDA’s decision was well-researched, and has informed a very sound policy change. The new guidance is based on the FDA’s belief that the potential security risks being introduced are minimal at best, and are far outweighed by the efficiency gains and clinical benefits. Moreover, even when their activities are unregulated, medical device manufacturers are highly motivated to follow industry best practices for cybersecurity and cybersafety. Indeed, our infusion pump clients have already engaged us to discuss the secure design and implementation of these new capabilities, intent on taking products to market that are every bit as secure as those that have gone through a rigorous regulatory review process.
 
To quote my interviewer, “You’re not giving me anything!”, and needless to say my remarks never made it to print. Nonetheless, I find it encouraging that there is nothing dire or sensational to say on the matter. The working relationship between regulators, medical device OEMs and the security community is cooperative and highly functional, promoting safe and beneficial innovations such as this one.
Thought Leadership
Mask Group 153
Medical Device Manufacturer Must Do’s for Cybersecurity

Medical Device Manufacturer Must Do’s for Cybersecurity

Harbor Labs Director of Medical Security Dr. Mike Rushanan provides a comprehensive outline of the cybersecurity must-do’s necessary to meet regulatory approval. Based on years of experience working with the FDA and other regulatory bodies, Dr. Rushanan’s blog provides insights into the common pitfalls that can disqualify or delay regulatory approvals.

About
Learn more about our experts and how we’re bringing our passion and process to support brighter outcomes.
Careers
We’re always looking to add new dimensions to our team. Check here for the latest openings and opportunities.
Contact
1.855.CYBR.SCI info@harborlabs.com
TOOLS
Discover issues hiding in your device firmware.
Find out how your vulnerability scores add up.
Medical Device
Security
Your device delivers healthier outcomes. With HarborLabs, it will do it securely.
Healthcare IT
Consulting
Healthcare IT system security and regulations are a big lift. An experienced partner by your side can help make it lighter.
Technical Litigation
Consulting
There are practical cyber experts and there are experienced Alternative Legal Service Providers. HarborLabs is the best of both worlds.