R&Q's Blog

Medical device industry news and trends - and the resources to understand and act on them.


Cybersecurity for Medical Devices: Questions and Answers

As the number of network connected medical devices increases, opportunities for improved patient care also increase. As a consequence, the vulnerability to cyber-attacks becomes a greater threat. Medical device cybersecurity threats can be dangerous for providers, networks, and device manufacturers. They can put patient safety at risk and/or create a breach of data. The FDA encourages manufacturers to consider potential cybersecurity risks and vulnerabilities “throughout the product lifecycle, including during the design, development, production, distribution, deployment and maintenance of the device.”

R&Q recently presented the webinar, Cybersecurity: Regulatory and quality ramifications. During the session we answered several of your questions, a sample of which are below. To see all of the questions and answers from the session, along with the slides and recording, check out the on-demand webinar.

The Lowdown on Cybersecurity for Medical Devices


Every one of us has probably either been affected by or knows someone who has been affected by a cybersecurity vulnerability. Some attacks happen for the thrill, some to expose weaknesses between competitors, some for malicious intent, and some for money. We hear of these issues in our daily life - from computer viruses to financial incidents.

These types of threats have certainly surfaced in the medical device industry and we need to make sure we are positioned to address these early in the product development process and the post-market space. The ultimate goals are to make sure that a weakness in cybersecurity practices does not affect the functionality of a medical device in a harmful way, and to make sure sensitive patient data is protected as defined by region-specific regulations.

[Free R&Q Webinar] Cybersecurity for Medical Devices: The regulatory and quality ramifications.


Please join us for a free R&Q Intelligence Series webinar:
Cybersecurity for Medical Devices: The regulatory and quality ramifications.

The session will be held on Tuesday, July 25 from 1:00pm - 2:00pm EST.


My recent work has involved providing regulatory assistance to software medical devices. One thing I have been learning about is how security and privacy is handled with these types of products. Often times I have experienced clients grouping regulatory affairs with privacy and security. Project teams have looked to the regulatory engineers for guidance on how to handle privacy and security of patient data used within the software. This was a new area of focus for me. In my research on privacy and security I looked a lot to internal experts on these to subjects, in addition the FDA has issued a draft guidance titled Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.

Lists by Topic

see all