Medical Device Industry Update November 2022  

Key Stories

New healthcare cybersecurity standards on the horizon

Cybersecurity becomes top investment priority for CIOs as threats grow

FDA seeks feedback on plans to draft and finalize medical device guidance in 2023

Alexa-based device developed for people with dementia

Why SBOMs are the future of medical device cybersecurity 

Upcoming medical device events in November

New healthcare cybersecurity standards on the horizon

New healthcare cybersecurity standards and guidance from the White House are on the horizon. That’s according to Anne Neuberger, Deputy Assistant to the President & Deputy National Security Advisor for Cyber and Emerging Technology. 

Specifically, Neuberger pointed to the healthcare, water, and communications sectors as the next three cybersecurity focus areas for the White House, furthering the administration’s emphasis on critical infrastructure security. 

Speaking at a Washington Post event, Nueberger also admitted that the United States is “pretty much last in the race” when it comes to putting in place minimum security standards for critical infrastructure compared to peer countries. However, according to Neuberger, this puts the country in a good position to learn from others and establish minimum cyber regulatory frameworks for critical infrastructure.

Neuberger also told an audience at an Axios event in Washington that the Cybersecurity and Infrastructure Security Agency (CISA) is planning to release its highly anticipated, but voluntary, cybersecurity performance goals in late October. 

Cybersecurity becomes top investment priority for CIOs as threats grow

As threats continue to escalate, chief information officers have said that cybersecurity will be their top investment priority in 2023. This insight comes after Gartner published their 2023 CIO Agenda on October 18th.  The Gartner CIO survey, which is published annually, poses a series of questions with more than 2,000 IT executives on current business practices. 

In the survey, in which Gartner asked CIOs whether they planned to increase or decrease their investments in a range of areas, 66% of respondents said they planned to increase investment in cybersecurity. This makes cybersecurity the top investment priority for CIOs, beating business intelligence and analytics, in which 55% of respondents said they planned to increase investment.

Gartner forecasts that worldwide information security and risk-management spending by end-users will reach $188.336 billion in 2023, up 11.3% on figures posted in 2022. Gartner also estimates that spending on security will grow 7.2% this year compared with 2021. The company says spending on security grew 14.3% in 2021 compared with the previous year.

The need to prioritize cybersecurity comes as companies have been facing an escalation in cyberattacks such as the 2021 Colonial Pipeline ransomware attack that affected Eastern U.S. fuel distribution. 

FDA seeks feedback on plans to draft and finalize medical device guidance in 2023

FDA is seeking feedback on its prioritization of the medical device guidance documents it plans to draft and finalize in its 2023 fiscal year. 

As in earlier years, the FDA has split the guidance documents between an A-list and a B-list, with items in the A-list prioritized. Those guidance documents in the B-list are published only as resources permit. In 2022, the FDA published 13 of the 23 guidance documents planned with ten coming from the A-list. 

Final guidance topics featured in the 2023 A-list include:

                      • Remanufacturing of Medical Devices
                      • Transition Plan for Medical Devices That Fall Within Enforcement Policies Issued During the Coronavirus Disease 2019 (COVID-19) Public Health Emergency
                      • Transition Plan for Medical Devices Issued Emergency Use Authorizations (EUAs) During the Coronavirus Disease 2019 (COVID-19) Public Health Emergency
                      • Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions
                      • Content of Premarket Submissions for Device Software Functions
                      • Fostering Medical Device Improvement: FDA Activities and Engagement with the Voluntary Improvement Program
                      • Breakthrough Devices Program (revised)

Full details of both lists and priorities, as well as a 2022 retrospective review list, can be found here. The FDA is seeking feedback on the relative priority of the documents on its A-list and B-list, as well as suggestions about which guidance texts it should revise or withdraw as part of its retrospective review. 

Alexa-based device developed for people with dementia 

The ways in which technological advancements such as voice-assisted technology are being used to treat established medical conditions never fails to amaze. A prime example of this type of innovation was highlighted in Medtech News this month.  

Dave Pearson, founder of MindMinder, has developed software that uses low-cost Amazon Alexa devices to engage dementia sufferers in their own homes. The aim behind the development is to stimulate the mental health of people with dementia by creating a daily check-in and on-going dialogue.The software produces reports which can be assessed over an extended period to further understand the effects and impact of dementia. 

“MindMinder uses the artificial intelligence provided by Amazon Alexa to develop a personalized relationship with people with dementia to provide active stimuli and reminders while also developing a long-term assessment dataset that can be used to monitor and inform care providers and family regarding rates of mental stability and/or decline.”

The idea came about as Pearson watched his father-in-law struggle to communicate with his wider family because of dementia. He decided that there must be a way for dementia sufferers to talk to Alexa in a way that wasn’t like the medical question and answer medical questionnaire. The objective is to help mentally stimulate someone living with dementia in a way that allows them to recall their own experiences, remember anecdotes and loved ones. The goal is to have some resonance with the story and trigger thought processes.

Pearson’s idea started in February 2022 and is about to go through its first trial.

A look at why SBOMs are the future of medical device security

In the past month we shared a post on our blog that is well worth checking out – Why SBOMs are the Future of Medical Device Security.  

After a string of high profile healthcare breaches, the medical device sector is under pressure to improve software supply chain security and place a much greater emphasis on cybersecurity. In the mission to do so, SBOMs (software bill of materials) are being placed front and center. This includes being a key part of US President Joe Biden’s Executive Order (EO) on strengthening the nation’s cybersecurity infrastructure. The executive order pointed to SBOMs as a way of ensuring the safety and security of software supply chains across US critical infrastructure. 

SBOMs are now, quite possibly, the future of medical device security and in this blog post we look at three key reasons why:

                      1. SBOMs offer the type of ‘ecosystem-wide’ solution that is needed to properly secure a software supply chain.
                      2. For many years there has been limited visibility into what makes up a piece of software, its supply chain and the third-party components. This lack of visibility has left software supply chains in a vulnerable state. SBOMs can increase the transparency and security of software supply chains. 
                      3. In the medical device industry, we are currently undergoing a total re-examination of cybersecurity laws and regulations. Within this, SBOMs have been repeatedly highlighted as a means to strengthen cybersecurity and ensure software supply chain security.

Check out the article in full here.  

Upcoming medical device events in November 

 1/ MD&M Minneapolis – Minneapolis, MN, Nov 2-3 

MD&M Minneapolis is a part of the five-in-one manufacturing expo at Advanced Manufacturing Minneapolis. Billed as the Midwest’s largest MedTech event, Medical Design & Manufacturing (MD&M) Minneapolis empowers its attendees to access expertise across the supply chain. 

2/ 2nd World Congress on Primary Healthcare and Medicare Summit, Paris France Nov 7-9

“Healthcare Conferences 2022 offers all participants an opportunity to benefit from Plenary Lectures, Keynote Addresses, Review and Forecast Papers, Poster Presentations and Panel discussions. The Healthcare Conference reaches across the globe, public and private medical sectors to connect and inspire physicians, healthcare executives, leaders, venture capitalists, diagnostics, medical practitioners of the healthcare value chain.”

3/ MEDICA – Düsseldorf, Germany, Nov 14-17

“MEDICA is the world’s largest event for the medical sector. For more than 40 years it has been firmly established on every expert’s calendar. There are many reasons why MEDICA is so unique. Firstly, the event is the largest medical trade fair in the world – it attracts several thousand exhibitors from more than 50 countries in the halls. Furthermore, each year, leading individuals from the fields of business, research, and politics grace this top-class event with their presence — naturally alongside tens of thousands of national and international experts and decision-makers from the sector, such as yourself.”

4/  BIOMEDevice Silicon Valley, Santa Clara, CA Nov 29-30

“BIOMEDevice Silicon Valley, formerly known as BIOMEDevice San Jose, returns this November bringing together the brightest minds in the industry to demonstrate and discuss emerging trends, innovation, and disruptive tech changing the future of the medical device industry.

Image credit
Photo by Lazar Gugleta on Unsplash
Photo by Product School on Unsplash
Photo by on Unsplash