Cybersecurity

In this week’s Digital Health Roundup, Medtech Insight’s Marion Webb brings highlights from Deloitte’s 2025 Life Sciences Outlook Report with medtech leaders’ forecasting significant investments in AI/GenAI. Brian Bossetta talks about the US FDA’s newly formed Digital Health Advisory Committee. Elizabeth Orr highlights the pros and cons of penetration testing for cybersecurity and talks about the US FDA’s final guidance on pre-determined change control plans. Natasha Barrow highlights UK MHRA's AI Airlock Pilot program and MANIFEST.

Penetration testing, which involves ethical hackers identifying vulnerabilities before malicious actors can exploit them, is crucial for securing medical devices against cyber threats. The process is essential for compliance with regulations, preventing financial losses, and ensuring patient safety, cybersecurity experts say.

Patient safety group ECRI put AI-enabled applications at the top of its annual list of health hazards for 2025. The group says that despite its enormous potential, artificial intelligence presents the most significant risk among health technologies going into the new year.

In its inaugural two-day meeting, the FDA Digital Health Advisory Committee discussed the promise of generative AI-enabled medical devices as well as challenges the agency faces in premarket evaluation, benefit/risk analysis, and postmarket monitoring.

Medical device manufacturers are among the companies that will face more regulatory challenges in the coming year. Two new reports look at the growing complexity of the regulatory landscape organizations will have to navigate.

Despite the growing risks cybersecurity poses to the US healthcare system, the Department of Health and Human Services continues to face challenges in meeting the threat, according to a report from the GAO. The new report also provides recommendations for the department to beef up its cyber defenses.

Medtech Insight talked with GE HealthCare’s chief AI officer Parminder “Parry” Bhatia at HLTH about the firm’s new CareIntellect for Oncology offering to help clinicians make efficient use of multimodal patient data, his vision for projects within AI Innovation Lab, and the future of AI in health care.

Recognizing October as cybersecurity awareness month, the US FDA has added new publications to its list of resources concerning the cybersecurity of medical devices.

Medtech Insight was on the ground at HLTH looking for innovative companies. Learn about seven start-ups using AI to help physicians detect conditions including prostate and breast cancers, seizures and heart failure; assess patients for cognitive decline validate and deploy algorithms, and monitor patients in and out of the hospital.

The commission's recently reelected president also wants the new commission to evaluate the need for potential changes to the medtech regulations.

Now European businesses are returning to “normal” after the summer break, they will find key developments have occurred in the EU during the traditional holiday season.

This week, Change Healthcare admittedi ts February breach revealed sensitive information like medical diagnoses and Social Security Numbers; the Coalition for Health Artificial Intelligence released its Assurance Standards Guide and Reporting Checklist for developers; and the FDA announced public meetings in July on IVD classification, the Home as a Health Care Hub initiative, and device sterilization.

Device manufacturers still have a low level of cybersecurity maturity, but larger companies seem to be doing better than smaller ones.

In this episode, Medtech Insight senior reporter Hannah Daniel speaks to Mark Brown, Global Managing Director of Digital Trust Consulting at the British Standards Institute about digital trust. In a world of cybersecurity breaches and ransomware attacks on hospitals, digital trust between companies and consumers is key, but current siloed operations can hinder that. We talk about the EU’s AI act, the speed of digital transformation, cybersecurity incentives, and how principle-based regulations are better than prescriptive ones.

At the recent Precision Med Tri-Con conference, health care leaders and AI enthusiasts Eric Topol and Doug Flora discussed how AI integration will change the way doctors practice medicine and patients receive care.

Medical device cybersecurity is a part of a larger ecosystem that should not—and cannot—be ignored.

Risk-based AI regulations and data modernization are just a few of the top policy priorities from thought leaders attending the largest health care technology professional gathering in the world. 

Draft guidance from the US Food and Drug Administration details what the agency wants to see to demonstrate cybersecurity in connected devices during premarket submissions. 

Systems from Change Healthcare are experiencing disruptions for the seventh day in a row after a ransomware attack on parent company UnitedHealth Group.

HHS publishes a new website and releases its essential and enhanced voluntary cybersecurity performance goals.