How to securely deploy medical devices

In the wake of the Food and Drug Administration (FDA) issuing both “premarket” (2014) and “postmarket” (2016) guidance for improving security in the development and manufacture of connected medical devices, the Open Web Application Security Project (OWASP) has released a set of best practices for the secure deployment of those devices.

As the report’s author and project leader, Christopher Frenz, puts it, “a medical device with all the security features in the world will not stand up to an attack if it is deployed in an insecure manner.”

Frenz, also director of IT infrastructure at Interfaith Medical Center, said the “OWASP Medical Device Deployment Standard,” released last month, was not coordinated with the FDA, but is designed to be “complementary” to its guidance.

To read this article in full or to leave a comment, please click here


Leave a Reply