Medical Device Academy

FDA Cybersecurity Training Webinar

HomeFDA Cybersecurity Training Webinar

In this FDA cybersecurity training webinar, you will learn what documentation the FDA wants you to include in your 510k submission.

Medical Device Academy primarily works with medical device start-up companies that are developing their first product and need help obtaining 510k clearance for their device. The hottest trend in medical devices is adding wireless functionality to existing electromedical devices and developing software applications for sharing patient data with physicians (e.g. MDDS systems that are software as a medical device or SaMD). Some of our clients are not familiar with the standard for medical device software lifecycle management  [i.e. IEC 62304 ed 1.1 (2015)], and almost 100% of our clients need help with documentation of cybersecurity risks and developing a plan for postmarket management of cybersecurity for their device.

If any of the following attributes are applicable to your medical device, then cybersecurity data is required in your 510k submission:

  • Cloud communication
  • Network connection (active or not)
  • Wireless communication in any form
  • USB/serial ports/removable media
  • Software upgrades (this includes patches)

What will you learn when you register for this FDA cybersecurity training webinar?

If you register for this cybersecurity webinar, you will receive a Zoom invitation to the live Zoom webinar. You will learn what documentation the FDA wants you to include in your 510k submission and when cybersecurity documentation is not required for medical devices including software. A link to the recording will be sent to everyone that registers for the webinar.

The webinar will cover four main topics and then we will address other topics during the Q&A portion at the end. The four main topics are:

  1. Cybersecurity Risk Management
  2. FDA Approach to Cybersecurity Risk Management (i.e. Threat Model)
  3. AAMI TIR57 Approach to Cybersecurity Risk Management (i.e. NIST)
  4. Cybersecurity Labeling

When is the FDA cybersecurity training webinar scheduled?

The webinar was hosted live on Thursday, August 19, 2021, but a recording is available on our YouTube Channel. If you want the native slide deck you will need to complete the registration information provided below.

Q&A about cybersecurity

During the live FDA cybersecurity training webinar, we will answer your questions. We will be converting this into an FAQ document and sending that as a follow-up to the original content. If you have company-specific questions, please use our calendly app to schedule a call. If you are registering for this webinar after August 19, 2021, you can still submit questions by email. You can also use our QA/RA Suggestion Box.

Important note about the delivery of this training webinar

The FDA cybersecurity training webinar will be delivered to you via email. You need to confirm an email subscription before an invitation will be sent. Despite our efforts to AWeber to our SPF Record, the emails from AWeber may be in your spam folder.

Additional FDA cybersecurity resources

For devices that are powered and/or have software, you will need to perform software validation in accordance with IEC 62304 ed 1.1 (2015). IEC 62304 makes no mention of “cybersecurity”, but there is another standard that is specific to the cybersecurity of medical devices and it is recognized by the FDA. The FDA has also published two guidance documents that are specific to cybersecurity and a new discussion paper:

  1. AAMI TIR57:2016 – Principles for medical device security – Risk management
  2. Guidance for Industry and Food and Drug Administration Staff Content of Premarket Submissions for Management of Cybersecurity in Medical Devices (October 2014)
  3. Guidance for Industry, FDA Reviewers and Compliance on Postmarket Management of Cybersecurity in Medical Devices (December 2016)
  4. Discussion Paper: Strengthening Cybersecurity Practices Associated with Servicing of Medical Devices: Challenges and Opportunities (June 2021)

About the Instructor

Photo of Bhoomika 300x300 FDA Cybersecurity Training WebinarBhoomika Joyappa joined Medical Device Academy as an Associate Regulatory Consultant in April 2021. She has a Master’s Degree in Biomedical/Medical Engineering from The City University of New York. Prior to joining Medical Device Academy she worked as a regulatory affairs intern and completed a training program in regulatory affairs at Duke University School of Medicine. She also has previous experience as a SAS programmer and technical writer for Huawei. She is passionate about regulatory affairs, and she is making an immediate positive contribution to our clients by already completing her first few 510k submissions and developing cybersecurity checklists for our clients to help with cybersecurity documentation required by the FDA. She can be reached via email.