Cybersecurity Standard Receives Complete FDA Recognition

The U.S. Food and Drug Administration (FDA) has recognized a key consensus standard to support device sponsors as they address cybersecurity concerns.

The FDA encourages use of this new standard to enhance quality and support product performance:

• ANSI/AAMI SW96:2023 Standard for medical device security – Security risk management for device manufacturers. This standard, published by the American National Standards Institute, Inc, and the Association for the Advancement of Medical Instrumentation, aligns with existing international safety risk management standards and quality systems expectations, and provides direction to sponsors on how to consider and address cybersecurity risks in device design and development.

Recent legislation and the FDA’s guidance seek to drive the inclusion of cybersecurity risk analysis and mitigation in device submissions. The development, recognition, and use of cybersecurity standards promotes consistency, efficient premarket review, and resiliency to cybersecurity threats.

Questions?
If you have questions about this new cybersecurity standard, contact the Standards and Conformity Assessment Program.