GAO reports the agency’s cyber security agreement is five years old.
The Government Accountability Office has reported that the Food and Drug Administration needs to work with the Cybersecurity and Infrastructure Security Agency to update its medical device security. The FDA’s current cybersecurity agreement for medical devices, such as heart monitors, is five years old, yet the agency’s responsibilities regarding medical device security have increased in that time.
“According to the Department of Health and Human Services (HHS), available data on cybersecurity incidents in hospitals do not show that medical device vulnerabilities have been common exploits,” the GAO report stated. “Nevertheless, HHS maintains that such devices are a source of cybersecurity concern warranting significant attention and can introduce threats to hospital cybersecurity.”
The FDA and CISA have agreed with the GAO’s recommendations.
As the Lord Leads, Pray with Us…
- For Comptroller General Gene Dodaro to be discerning as he heads the GAO.
- For wisdom for CISA Director Jen Easterly as she facilitates cybersecurity in government agencies.
- For Commissioner Robert Califf as he oversees the Food and Drug Administration.
Sources: FedScoop, Government Accountability Office
