FDA Releases Preparedness and Response “Playbook” for Threats to Medical Device Cybersecurity

The document, prepared by the not-for-profit company MITRE, under contract with the FDA, seeks to address the increasing frequency of cybersecurity attacks on healthcare delivery organizations (“HDOs”), and sets forth a framework to plan for and respond to cybersecurity incidents relating to medical devices, as well as to ensure the effectiveness of such devices, and to protect patient safety. Key recommendations include incorporating medical device cybersecurity into HDOs’ organizational emergency response plans, regional outreach and collaboration by pooling resources and expertise across a region, and maintaining a centrally managed, baseline set of information about each medical device in the HDO’s inventory.