The PATCH Act
Nathan E Botts
/ Categories: Security

The PATCH Act

A bill that aims to improve medical device and network security.

The PATCH Act is a bill that aims to improve device and network security.

A new Senate bill introduced this week (including legislation in the House) would require medical device developers to be more accountable for the cybersecurity of their products.

Sens. Tammy Baldwin, D-Wisconsin, and Dr. Bill Cassidy, R-Louisiana, have introduced the bipartisan Protecting and Transforming Cyber Health Care Act, which would establish a set of new criteria for device and network security.

It would establish cybersecurity requirements that:

  • Established cybersecurity requirements for companies seeking premarket authorization from the Food and Drug Administration.
  • Encourage developers and manufacturers to update devices and related systems across its purported lifecycle.
  • Create a Software Bill of Materials for devices that will be distributed to customers.
  • Require the creation of plans to monitor, identify, and remedy cybersecurity vulnerabilities once the product has been released.
  • To show a device's safety and effectiveness, request a Coordinated Vulnerability Disclosure.

The current bill and the bill that it amends from 1990 are linked below.

Previous Article OCR Cybersecurity Newsletter: Defending Against Common Cyber-Attacks
Next Article Facebook Is Receiving Sensitive Medical Information from Hospital Websites
Print
2404 Rate this article:
4.0
1Upvote 0Downvote
Tags: medical devicesPATCH ActSenate BillHL7 CMHAFFCybersecurity Policy

Documents to download

More links

  • S.3395 - Medical Device Integrity ActTo amend the Federal Food, Drug, and Cosmetic Act with respect to records and other information inspections.
  • Summary: H.R.3095 — 101st Congress (1989-1990)Safe Medical Devices Act of 1990 - Amends the Federal Food, Drug, and Cosmetic Act (FDCA) to require medical device user facilities to report to the Secretary of Health and Human Services, the manufacturer, or both whenever they believe there is a probability that a medical device has caused or contributed to a death, illness, or injury. Defines a medical "device user facility" (DUF) to mean a hospital, ambulatory surgical facility, nursing home, or outpatient treatment facility which

Related articles

Please login or register to post comments.
How to Protect Your Privacy as More Apps Harvest Your Data How to Protect Your Privacy as More Apps Harvest Your Data

How to Protect Your Privacy as More Apps Harvest Your Data

A New York Times Personal Tech series article by Brian X. Chen

Retrieved By Health eConsultation 0 14826 Article rating: 5.0

In this article written by Brian X. Chen from the New York Times he discusses some of the potential ways in which mobile apps that you download to your phone may be collecting and using your personal data in ways you did not know.

One of the key takeaways is that there are ways in which to protect yourself and tools that can help you figure out which apps are collecting your data and how to remove their ability to do so.

Read more
Stay Private: How to Hide Your Webcam, Mute Your Mic, and Turn Off Notifications Stay Private: How to Hide Your Webcam, Mute Your Mic, and Turn Off Notifications

Stay Private: How to Hide Your Webcam, Mute Your Mic, and Turn Off Notifications

An article from Zapier

Nathan E Botts 0 14834 Article rating: 5.0

One consideration as you gather and store more personal health information on your computer and devices is making sure that you are not inadvertently sharing this information (or some other aspect of your personal health) through your webcam or mic.

This article from Zapier outlines several different ways and some handy applications that can help you control this on your PC or MAC.

Read more
Determining the Value of Compromising Your Privacy Determining the Value of Compromising Your Privacy

Determining the Value of Compromising Your Privacy

An article from Engadget

Nathan E Botts 0 9932 Article rating: No rating

This article from the Engadget web magazine discusses how your online searching behaviors might be monitored by different companies that you are unaware about. This data is likely used to build profiles that may impact the advertisements you see, credit ratings received, and other potential social network aspects as of yet identified. 

Read more
Cybersecurity: Crash Course Computer Science #31 Cybersecurity: Crash Course Computer Science #31

Cybersecurity: Crash Course Computer Science #31

Retrieved By Health eConsultation 0 14448 Article rating: No rating

Cybersecurity: Crash Course Computer Science #31Cybersecurity is a set of techniques to protect the secrecy, integrity, and availability of computer systems and data against threats. In today’s episode, we’re going to unpack these three goals and talk through some strategies we use like passwords, biometrics, and access privileges to keep our information as secure, but also as accessible as possible. From massive Denial of Service, or DDos attacks, to malware and brute force password cracking there are a lot of ways for hackers to gain access to your data, so we’ll also discuss some strategies like creating strong passwords, and using 2-factor authentication, to keep your information safe. Check out Computerphile’s wonderful video on how to choose a password! https://www.youtube.com/watch?v=3NjQ9b3pgIg Pre-order our limited edition Crash Course: Computer Science Floppy Disk Coasters here! https://store.dftba.com/products/computer-science-coasters Produced in collaboration with PBS Digital Studios: http://youtube.com/pbsdigitalstudios Want to know more about Carrie Anne? https://about.me/carrieannephilbin The Latest from PBS Digital Studios: https://www.youtube.com/playlist?list=PL1mtdjDVOoOqJzeaJAV15Tq0tZ1vKj7ZV Want to find Crash Course elsewhere on the internet? Facebook - https://www.facebook.com/YouTubeCrash... Twitter - http://www.twitter.com/TheCrashCourse Tumblr - http://thecrashcourse.tumblr.com Support Crash Course on Patreon: http://patreon.com/crashcourse CC Kids: http://www.youtube.com/crashcoursekids

Read more
RSS

What is Health eDefense?

Health eDefense is the act of protecting your personal health information. This not only protects your privacy, security, and safety, but also protects the data of your family, friends, and others in your community.

The Health eDefense platform is dedicated to providing consumers with actionable information on how to protect their personal health information effectively from cyber threats. Health eDefense provides informational content and education related to cyber security, privacy and consent, security, and related topics and policies such as HIPAA and GDPR.

Cyber security is impacting our daily lives, and our personal and protected health information is a target for hackers and criminals looking to make money off of our personal data. Your personal health data will always be about your health, demographics, social, lifestyle, financial history, and other related details. Once taken, they cannot be taken back.

We think the best cybersecurity tool is education and awareness, and we hope to provide users with tools and insight to protect themselves and their data better.