Skip to Content

Medical Device Cybersecurity Mandate Dropped from FDA Authorization Bill

The US Food and Drug Administration (FDA) appropriations bill has passed, but cybersecurity provisions introduced in the House version were removed when the bill went to Senate. The bill gives the FDA the authority to collect fees from healthcare organizations for reviewing new drugs and medical devices.


  • This is an unfortunate victory for the lobbyists of the medical device industry. The problem with unsecure medical devices won’t go away on its own – the industry needs to demonstrate it can drive itself to higher levels of security being built in. Not a great track record there.
  • The mandate was dropped due to logistical complications of attempting to get it passed as well as possible delays to critical funding needed to continue the FDA operations in the bill. Expect future actions to take up the call to raise the bar on medical device security.


    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on