1. Medtech Insight
  2. >>Policy & Regulation
  3. >>Regulation

International Regulators Issue Final Cybersecurity Guidance

A final IMDRF guidance on medical device cybersecurity reinforced US and Canadian regulatory thinking on issues such as a total product life cycle approach, shared responsibility and creating a software bill of materials.

Cybersecurity and global communication, secure data network technology, cyberattack protection for worldwide connections, finance, IoT and cryptocurrencies, planet Earth in space, elements from NASA

International regulators have finalized a guidance on how to promote cybersecurity integrity in medical devices that includes taking a total product life cycle (TPLC) approach, sharing responsibility across the health care spectrum and listing a software bill of materials. The guidance is based on work largely led by US and Canadian regulators, which have been ahead of others in developing such regulations.

On 20 April the International Medical Device Regulators Forum (IMDRF) published the final version of its draft cybersecurity guidance...

More from Regulation

FDA Changes Fail To Diminish US Appeal To European Medtech Industry

 
• By Amanda Maxwell

Despite staffing cuts and uncertainty at the FDA, the US still offers EU medtech firms stronger regulatory support, regulatory expert Bassil Akra told Medtech Insight. This is especially valued as EU rules are often viewed as overly stringent, unclear and difficult to follow.

Environmental Group Questions FDA’s Stance On PFAS In Medical Devices

 
• By Brian Bossetta

The US FDA says PFAS used in medical devices are safe and that there’s no reason to restrict them in device production. An environmental group finds the agency’s assertion questionable.

EU4Health Boost For Orphan Devices And SMEs

 
• By Ashley Yeo

EU4Health, the main funding instrument for EU health initiatives, has put renewed emphasis on orphan devices in its 2025 work program, published in July.

PathAI Talks PCCPs: ‘Accelerated Software Updates, Saves Time And Money’

 
• By Natasha Barrow

The US FDA has authorized around 107 devices with Predetermined Change Control Plans in place, with PathAI's AISight Dx digital pathology image management system one of the latest. Medtech Insight talks to Eric Walk, chief medical officer, to find out about the process and its benefits.

More from Policy & Regulation

Brazil’s Medtechs Look To Solutions After 50% US Tariff Hit Amid ‘Scenario Of Uncertainty’

 
• By Bernard Murphy

Hopes that last-minute negotiations might exempt Brazil’s $300m medtech exports from the latest round of US tariffs have been dashed, leaving the industry braced for further market instability that countermeasures could trigger.

Survey Reveals Gaps In Medtech Compliance Processes

 
• By Elizabeth Orr

Medical device firms often have serious compliance gaps, a recent Veeva MedTech survey found. Only 50% of the companies surveyed are confident in their global registration data, with 70% reporting inconsistencies during audits. The report recommends automation and better data governance.

Environmental Group Questions FDA’s Stance On PFAS In Medical Devices

 
• By Brian Bossetta

The US FDA says PFAS used in medical devices are safe and that there’s no reason to restrict them in device production. An environmental group finds the agency’s assertion questionable.