On April 8, 2022, FDA issued new, long-awaited draft guidance “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” (Draft Cybersecurity Guidance). 1 This draft guidance replaces a previous draft guidance published in 2018 (the 2018 Draft Cybersecurity Guidance) and, when final, will supersede “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices – Final Guidance, October 2, 2014” (2014 Cybersecurity Guidance).
The Draft Cybersecurity Guidance provides important information regarding FDA’s current thinking regarding appropriate steps and precautions medical device manufacturers need to consider as they design, manufacture, and seek premarket clearance for their devices. King & Spalding recommends that device manufacturers read and become familiar with the full content of the Draft Cybersecurity Guidance, especially information contained within the Appendices which provide additional tools for executing the information contained within the draft guidance. The Draft Cybersecurity Guidance does not have the effect of law or regulation; firms may use an alternative approach if it satisfies the requirements of the applicable statutes and regulations.
Please see full publication below for more information.