The U.S Army Medical Materiel Agency (USAMMA) www.usamma.amedd.army.mil signed a “Cooperative Research and Development Agreement” (CRADA) with DeltaStrac™ last January to start a new cybersecurity pre-assessment process for medical device vendors hoping to do business with the Army.
Many modern medical devices, such as CT scanners, heart rate monitors and medical infusion pumps, need to connect to hospital networks to operate property. In an effort to ensure that medical devices purchased by the government do not introduce security vulnerabilities, each device must pass a robust security certification process.
USAMMA Clinical Technologies Product Manager Jimmy Bisenieks said, “Cybersecurity pre-assessments are intended to improve the overall acquisition process. This new business practice is designed to save time and money.”
Bisenieks explained, “Previously system-specific cybersecurity testing typically began after the contract award which created significant hurdles for both the government and the vendor. The process conflicted with industry’s best standards because device manufacturers often had to address security issues post-engineering, resulting in a” bolted on” fix rather than a ”baked in” solution.”
Vendors who are interested in finding out more about the cybersecurity pre-assessment process should go to the U.S Army Medical Research and Materiel Command’s New Products and Ideas web portal http://mrmc-npi.amedd.army.mil.