FDA Updates Guidance on Cybersecurity Responsibilities for Medical Device Manufacturers

On April 8, 2022, the U.S. Food and Drug Administration (“FDA”) released a draft guidance document titled “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions.” The draft guidance, if finalized, would replace FDA’s 2014 final guidance document titled, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” adding significant details to FDA’s existing guidance. Manufacturers should pay close attention to developments in this area, expand their internal expertise, and otherwise invest in establishing robust cybersecurity risk assessment, design control, and risk management practices and procedures relating to their devices.

Click here to read Ropes & Gray’s Client Alert on the draft FDA guidance.