NH-ISAC and MDISS Sign Memorandum of Understanding (MOU) with FDA Around Collaboration of Medical Device Cybersecurity

A shared interest and collaboration in encouraging the identification, mitigation, and prevention of cybersecurity threats to medical devices fosters a MOU between NH-ISAC, MDISS and FDA HEALTH

Official Link – http://www.fda.gov/AboutFDA/PartnershipsCollaborations/MemorandaofUnderstandingMOUs/DomesticMOUs/ucm524376.htm

Kennedy Space Center, FL, October 18, 2016 – The National Health Information Sharing and Analysis Center, (NH-ISAC), the Medical Device Innovation, Safety and Security Consortium (MDISS), and the U.S. Food and Drug Administration (FDA) Center for Devices and Radiological Health (CDRH) recently signed a MOU to collaborate in areas of mutual interest.

The goals of collaboration include the following:

  1. Create an environment that fosters stakeholder collaboration and communication, and encourages the sharing of information about cybersecurity vulnerabilities that may affect the safety, effectiveness and security of the medical devices, and/or the integrity and security of the surrounding healthcare IT infrastructure;
  2. Develop awareness of the Framework for Improving Critical Infrastructure Cybersecurity and enable HPH sector stakeholders to successfully adapt and operationalize the framework for their organizations and products;
  3. Encourage stakeholders within the HPH Sector, to develop innovative strategies to assess and mitigate cybersecurity vulnerabilities that affect their products; and
  4. Build a foundation of trust within the HPH community so that all healthcare technology and medical device stakeholders can directly benefit from the sharing of cybersecurity vulnerability- and/or threat information identified within the HPH Sector, as well as intelligence feeds from other Critical Infrastructure Sectors that may secondarily affect healthcare and the public health.

“”We have been collaborating with both MDISS and the FDA for a period of time now and it is rewarding to have this memorandum of understanding in place, which formally outlines our collaboration goals”, says Denise Anderson, President of NH-ISAC, “We look forward to bringing the medical device security community together on several critical issues through our joint efforts.”

ABOUT NH-ISAC – The National Health Information Sharing and Analysis Center (NH-ISAC), the official healthcare information sharing and analysis center, offers non-profit and for-profit healthcare stakeholders, such as: independent hospitals, IDN “providers”, health insurance “payers”, pharmaceutical/biotech manufacturers, laboratory, diagnostic, medical device manufacturers, medical school and medical R&D organizations, a community and forum for sharing cyber and physical threat indicators, best practices and mitigation strategies. NH-ISAC is a non-profit corporation funded and owned by its members. Membership is open to any healthcare stakeholder seeking protection of valuable Personal Health Information (PHI) and compliance with Federal HIPAA regulations and standards, driving the assurance of patient health and life safety and fostering continuity of operations. Joining the NH-ISAC is one of the best actions health and public health services firms can take to ensure they partake in protecting the industry and its vital role in such a critical infrastructure. To learn more about the NH-ISAC or to become a member, please visit www.nhisac.org.

ABOUT MDISS – The Medical Device Innovation, Safety and Security Consortium (MDISS) founded in 2011, is a non-profit public health initiative and patient safety organization focused on medical device cybersecurity, along with practical technology, operations and policy solutions for improved safety of connected medical devices. MDISS was the first organization dedicated to these important medical device cyber health challenges and, in 2015, began to expand internationally. MDISS members bring deep expertise to inform an understanding of technical vulnerabilities; however, MDISS programs also support the development of epidemiologic methods, regulatory science and a public-private partnership model for public health interventions. To learn more about the MDISS or to become a member, please visit www.mdiss.org.