U.S Senators Bill Cassidy, M.D (R-LA) and Tammy Baldwin (D-WI) have introduced the “Protecting and Transforming Cyber Health Care (PATCH) Act” to ensure that the U.S. healthcare system’s cyberinfrastructure remains safe and secure for patients.
Over the course of the pandemic, there have been a number of ransomware attacks within medical devices and larger networks. These attacks affect patients, hospitals, and the medical device industry.
The PATCH Act would:
- Implement critical cybersecurity requirements for manufacturers applying for premarket approval through FDA
- Allow manufacturers to design, develop, maintain processes and procedures, to update and patch the device and related systems throughout the lifecycle of the device
- Establish a Software Bill of Materials for the device that will be provided to users
- Require the development of a plan to monitor, identify, and address post market cybersecurity vulnerabilities
- Request a Coordinated Vulnerability Disclosure to demonstrate safety and effectiveness of a device
Representatives Michael C. Burgess MD (R-TX) and Angie Craig (D-MN) have introduced companion legislation in the House of Representatives.
For more information on the PATCH Act, go to https://www.congress.gov.