U.S. flag An official website of the United States government

On Oct. 1, 2024, the FDA began implementing a reorganization impacting many parts of the agency. We are in the process of updating FDA.gov content to reflect these changes.

  1. Home
  2. Regulatory Information
  3. Search for FDA Guidance Documents
  4. Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software
  1. Search for FDA Guidance Documents

GUIDANCE DOCUMENT

Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software Guidance for Industry January 2005

Final
Docket Number:
FDA-2020-D-0957
Issued by:
Guidance Issuing Office
Center for Devices and Radiological Health

A growing number of medical devices are designed to be connected to computer networks. Many of these networked medical devices incorporate off-the-shelf software that is vulnerable to cybersecurity threats such as viruses and worms. These vulnerabilities may represent a risk to the safe and effective operation of networked medical devices and typically require an ongoing maintenance effort throughout the product life cycle to assure an adequate degree of protection. FDA is issuing this guidance to clarify how existing regulations, including the Quality System (QS) Regulation, apply to such cybersecurity maintenance activities.


Submit Comments

You can submit online or written comments on any guidance at any time (see 21 CFR 10.115(g)(5))

If unable to submit comments online, please mail written comments to:

Dockets Management
Food and Drug Administration
5630 Fishers Lane, Rm 1061
Rockville, MD 20852

All written comments should be identified with this document's docket number: FDA-2020-D-0957.

Back to Top