Tag: FDA

  • The chasm between FDA regulatory and cyber security

      When a Risk Analysis is not a Risk analysis Superficially at least, there is not a lot of difference between a threat analysis that is part of a software/hardware security assessment and a risk analysis (or hazard analysis) that is performed by a medical device company as part of their submission to the FDA. […]

  • How do you know that your personal health data is secure in the cloud?

    Modern system architecture for medical devices is a triangle of Medical device, Mobile app and Cloud services (storing, processing and visualizing health data collected from the device).  This creates the need for verifying a chain of trust: patient, medical device, mobile app software, distributed interfaces, cloud service software, cloud service provider. No get out of jail free card if […]

  • The top 5 things a medical device vendor should do for HIPAA compliance

    We specialize in software security assessments, FDA cyber-security and HIPAA compliance for medical device vendors in Israel. The first question that every medical device vendor CEO asks us is “What is the fastest and cheapest way for us to be HIPAA-compliant”? So here are the top 5 things a medical device vendor should do in order to […]

  • Health Information Technology Patient Safety Action & Surveillance Plan

    This is a quick update on two new documents released by the HHS and the IMDRF:  Health Information Technology Patient Safety Action & Surveillance Plan The US Department of Health and Human Services published on July 2, 2013 the Health Information Technology Patient Safety Action & Surveillance Plan. The FDA belongs to the HHS. The plan defines several […]

  • Risk assessment for your medical device

    We specialize in  cyber-security and privacy compliance for medical device vendors in Israel like you. We’ve assissted dozens of Israeli software medical device that use Web, mobile, cloud and hospital IT networks achieve cost-effective HIPAA compliance and meet FDA guidance on Premarket Submissions for Management of Cybersecurity in Medical Devices. As part of our service to our trusted clients, we provide the popular PTA  threat modeling tool, […]

  • Why Microsoft Windows is a bad idea for medical devices

    I’m getting some push back on LinkedIn on my articles on banning Microsoft Windows from medical devices that are installed in hospitals – read more about why Windows is a bad idea for medical devices here and here. Scott Caldwell tells us that the FDA doesn’t rule “out” or “in” any particular technology, including Windows […]

  • Why outlawing Windows from embedded medical devices is a good idea

    In a previous post The Microsoft Monoculture as a threat to national security, I suggested that the FDA might consider banning Windows as an operating system platform for medical devices and their accompanying information management systems. One of my readers took umbrage at the notion of legislating one monoculture (Microsoft) with another (Linux) and how […]