Skip to Primary Navigation

Skip to main content

Understanding FDA cybersecurity requirements for medical devices and FCA enforcement

Medical equipment is visible in a hospital emergency room in Walnut Creek, California, March 15, 2022.
Photo: Gado/Getty Images

Ariel Z. Seeley | Morgan Lewis, Jonathan York | Morgan Lewis, Heather Egan | Morgan Lewis, Hannah Levin | Morgan Lewis+2

5 min read
 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

Key considerations for medical device manufacturers and how to prepare for a cybersecurity incident.

In June 2025, the US Food and Drug Administration (FDA) issued a final guidance titled Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions (2025 Cybersecurity Guidance). This guidance updates the 2023 guidance of the same title with the agency’s interpretation of and compliance recommendations for(FDDCA)

, , , , , , , , , ,