Rosen, Young Introduce Bipartisan Legislation to Strengthen Cybersecurity for Medical Devices

WASHINGTON, DC – U.S. Senator Jacky Rosen (D-NV), a member of the Senate Health, Education, Labor and Pensions Committee, recently introduced her bipartisan Strengthening Cybersecurity for Medical Devices Act with Senator Todd Young (R-IN), which would require the U.S. Food and Drug Administration (FDA) to review and update medical device cybersecurity guidelines and suggestions to ensure devices are protected from possible hacking and cyber attacks. 

“In light of increased cyber threats, we must strengthen the security of our health care system’s cyber infrastructure,” said Senator Rosen. “This bipartisan bill I introduced with Senator Young will ensure that medical devices and technologies are up to date with the latest cybersecurity, protecting patients and health care systems.” 

“Medical devices are increasingly connected to the Internet or other health care facility networks to provide features that improve the ability of health care providers to treat patients,” said Senator Young. “Our bill helps ensure medical devices are protected from cyberattacks and used safely and securely in order to reduce risks and vulnerabilities for patients.”

The bipartisan Strengthening Cybersecurity for Medical Devices Act would require the FDA, in consultation with the Cybersecurity and Infrastructure Security Agency (CISA), to review guidance for industry and FDA staff regarding medical device cybersecurity and make updates as appropriate at least every two years. This provision would ensure a more timely review to keep the guidance current. The bill also requires FDA to share information publicly regarding federal resources for health care professionals, medical device manufacturers, and health systems to identify and address cyber vulnerabilities, and access support.  Additionally, the bill requires a GAO report examining medical device cybersecurity vulnerabilities and recommendations for improving federal coordination to support cybersecurity for medical devices.

Senator Rosen has been a leader in strengthening America’s cybersecurity infrastructure. In March, she and Senator Bill Cassidy (R-LA) introduced their bipartisan Healthcare Cybersecurity Act, which would direct CISA to collaborate with the Department of Health and Human Services on improving cybersecurity in the Health Care and Public Health Sector, one of the United States’ sixteen critical infrastructure sectors. Senator Rosen has also introduced a bipartisan bill to bolster the cybersecurity of the Department of Veterans Affairs and protect veterans’ personal information.