“Recent ransomware attacks have highlighted the vulnerability of medical devices and hospital information systems to cyberattack,” the letter reads, highlighting the worldwide WannaCry ransomware attack that infected 200,000-plus computers in more than 150 countries in May.
The U.K. National Health Service marked one of the ransomware’s most prominent victims, as WannaCry brought down operations for at least 16 facilities. The attack demonstrated the healthcare industry’s susceptibility to cyberattacks on medical devices and information systems, according to the letter.
The AHA called on the FDA to heighten its oversight on updating and patching medical devices as new cyberthreats emerge. The AHA also asked the agency to set “measurable expectations” for device manufacturers to play a more active role in supporting customers during a cyberattack.
“Manufacturers must be held accountable to proactively minimize risk,” the letter reads. “They share responsibility for safeguarding confidentiality of patient data, maintaining data integrity and assuring the continued availability of the device itself.”
To access the AHA’s letter, click here.
More articles on supply chain:
Merck to shutter facility in South Carolina, lay off 50 employees
BioDerm enters exclusive distribution agreement with Medline
FDA releases 3 policies on digital health oversight
