The American Hospital Association penned a letter to the FDA's Dockets Management staff Dec. 7 encouraging the agency to increase its oversight on medical device security.
"Recent ransomware attacks have highlighted the vulnerability of medical devices and hospital information systems to cyberattack," the letter reads, highlighting the worldwide WannaCry ransomware attack that infected 200,000-plus computers in more than 150 countries in May.
The U.K. National Health Service marked one of the ransomware's most prominent victims, as WannaCry brought down operations for at least 16 facilities. The attack demonstrated the healthcare industry's susceptibility to cyberattacks on medical devices and information systems, according to the letter.
The AHA called on the FDA to heighten its oversight on updating and patching medical devices as new cyberthreats emerge. The AHA also asked the agency to set "measurable expectations" for device manufacturers to play a more active role in supporting customers during a cyberattack.
"Manufacturers must be held accountable to proactively minimize risk," the letter reads. "They share responsibility for safeguarding confidentiality of patient data, maintaining data integrity and assuring the continued availability of the device itself."
To access the AHA's letter, click here.