we need tools to stop the attack surface around medical records and biometric data from growing so fast, and we dont have them
-
-
Replying to @sigfig @gravislizard
Y'all dropped the i off my handle. But broadly speaking, the security landscape with medical devices is complex.
1 reply 0 retweets 0 likes -
The FDA has recently issued a draft guidance re: cybersecurity guidelines & has denied 510(k)s. Security is...
1 reply 0 retweets 0 likes -
considered part of the quality systems regulations. As such, mfgs must perform traceability analyses, FMEA, etc. for
1 reply 0 retweets 0 likes -
p much all Class 2 and 3 medical devices. But. The FDA is also pushing interop for MD data.
1 reply 0 retweets 0 likes -
So connectivity is encouraged, and honestly, badly needed. But this all boils down to what the right approach is for
1 reply 0 retweets 0 likes -
designing for security. Right now IEC 62304 and 60601 say almost nothing. So there is no industry std, really.
1 reply 0 retweets 0 likes -
Replying to @EmilyGorcenski @gravislizard
i am optimistic that the industry can establish an encryption standard with at least three xors
1 reply 0 retweets 0 likes -
Replying to @sigfig @gravislizard
That will never happen. Mfg stds never specify technical details. They move too slowly. Rather, they specify
1 reply 0 retweets 0 likes -
the criteria and methodologies for evaluating things that can go wrong, and let mfg decide best current approach.
1 reply 0 retweets 0 likes
The FDA says "this is the level of rigor we expect you to use. Prove that you did." They don't prescribe specifics.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.