Last month Rep. Aderholt (R,AL) introduced HR 5961,
the Agriculture, Rural Development, Food and Drug Administration, and Related
Agencies (ARF) Appropriations Act, 2019. While there are no specific mentions
of cybersecurity in the bill, the Committee
Report does briefly address medical device cybersecurity issues.
Medical Device Cybersecurity
The Committee provided the following guidance to the FDA (pg
67):
“The Committee believes that the
FDA should address potential cybersecurity vulnerabilities in medical devices
in general, but especially as the Internet of Things becomes more prevalent in
healthcare. The Committee directs the FDA to report back within 120 days on the
agency’s plans to understand the ongoing cybersecurity challenges of medical
devices and outline a pathway forward. The plan should describe potential
solutions and list compensating controls such as continuous inventory, log
monitoring, data protection, micro segmentation, and patching on legacy devices
to prevent cyber threats from spreading across hospital systems. The Committee
encourages the FDA to seek industry collaboration to uncover the extent of the
vulnerabilities and threats with a representative pathway to solving this
critical issue.”
Moving Forward
The House Appropriations Committee adopted the bill by a
near party-line vote of 31 to 20 (two Democrats voting aye). This suggests that
there will be limited bipartisan support for the bill when it reaches the floor
of the House. Reading the Minority Views section of the Report, however, would
seem to indicate that some amendments from the floor might increase the level
of Democratic support. This is not important for passage in the House, but a
measure of Democrat buy-in in the Senate is a requirement to move a bill to the
floor in that body. We will have to wait and see what the Senate version of the
bill contains.
In any case, if this bill is to move forward to the
President’s desk it will have to traverse a conference committee to work out
the differences with the Senate bill.
Posts
No comments:
Post a Comment