Anna Rudawski (US)

Subscribe to all posts by Anna Rudawski (US)

FDA issues final guidance on postmarket medical device cybersecurity

By Anna Rudawski (US) on January 6, 2017 Posted in FDA & Food Safety

On December 28, 2016, the U.S. Food and Drug Administration (FDA) released final guidance on the management of cybersecurity vulnerabilities for marketed and distributed medical devices. The guidance establishes a risk-based approach for the reporting of medical device cybersecurity vulnerabilities to the FDA. The FDA guidance reflects the agency’s concerns that cybersecurity vulnerabilities in networked … Continue reading

HHS update: Looking toward audits and increased enforcement

By Anna Rudawski (US) and Mark Faccenda (US) on September 8, 2016 Posted in Enforcement

The Department of Health and Human Services and its Office of Civil Rights (OCR) are capping off a very active 2016. In the last 6 months, the OCR has released a new audit protocol, announced new rounds of HIPAA audits, and stepped up enforcement. The flurry of activity comes after a prolonged period of anticipation in … Continue reading

Your money or your PHI: New guidance on ransomware

By Mark Faccenda (US) and Anna Rudawski (US) on July 14, 2016 Posted in Regulatory

On June 12, 2016, the HHS Office of Civil Rights (OCR) released guidance, entitled “FACT SHEET: Ransomware and HIPAA,” in response to the rising number of ransomware attacks perpetrated against healthcare entities. The guidance addresses Health Insurance Portability and Accountability Act (HIPAA) issues that may arise when medical records containing Protected Health Information (PHI) are compromised … Continue reading