Over 150 Total Lots Up For Auction at One Location - CA 05/31

FDA gives full recognition to AAMI cybersecurity guidance document

Press releases may be edited for formatting or style | November 07, 2023 Cyber Security Health IT
The Association for the Advancement of Medical Instrumentation (AAMI) is proud to announce that the U.S. Food and Drug Administration (FDA) has officially extended complete recognition to AAMI’s groundbreaking guidance document on medical device cybersecurity, ANSI/AAMI SW96.

Per the FDA, ANSI/AAMI SW96:2023, Standard for medical device security - Security risk management for device manufacturers, is an important resource for medical device sponsors. The agency’s original announcement states, “The FDA encourages use of this new standard to enhance quality and support product performance.”

Matt Williams, vice president of standards at AAMI, said, “FDA recognition of ANSI/AAMI SW96 is a major milestone. Device manufacturers can confidently use the standard to ensure compliance with FDA requirements and to provide better protection for health systems and patients alike. The standard’s adoption definitively furthers AAMI’s mission of promoting ideal patient outcomes.”
DOTmed text ad

New Fully Configured 80-slice CT in 2 weeks with Software Upgrades for Life

For those who need to move fast and expand clinical capabilities -- and would love new equipment -- the uCT 550 Advance offers a new fully configured 80-slice CT in up to 2 weeks with routine maintenance and parts and Software Upgrades for Life™ included.

Released earlier this year, SW96 raised the bar for medical device cybersecurity risk management during the design and development stages. It contains clear guidance related to postmarket monitoring of device vulnerabilities, security measures like patching, and software bills of materials.

It is also the first guidance document that provides specific requirements for managing cybersecurity across a product’s life cycle. The standard sets out several key priorities:

Security risk analysis should be conducted for individual medical devices and systems to identify and document vulnerabilities and risks.
Security risk evaluation should focus on how devices exist within both hardware and software systems.
Security risk control should use more than one method of ensuring devices and systems are protected.
Security risk management plans for medical devices must be in place before distribution and manufacturers must ensure that any residual risk is acceptable.

Topics: AAMI Standards Healthcare Technology Management

About AAMI
AAMI is a nonprofit organization founded in 1967. It is a diverse community of more than 10,000 healthcare technology professionals united by one important mission—supporting the healthcare community in the development, management, and use of safe and effective health technology. AAMI is the primary source of consensus standards, both national and international, for the medical device industry, as well as practical information, support, and guidance for health technology and sterilization professionals.

Back to HCB News

You Must Be Logged In To Post A Comment