“We’re excited to have Naomi in this role. With her FDA experience, her visionary approach will pave the way for success, ensuring that businesses not only meet the FDA’s stringent requirements but also thrive in an environment where cybersecurity is a fundamental business value.”
The FDA announced that on October 1, 2023, it would begin to Refuse to Accept (RTA) medical device premarket submissions that do not comply with PATCH Act requirements. Erez Kaminski, former head of AI with Amgen and founder of Ketryx, and Paul Jones, former FDA official and Executive Vice President of Ketryx, provide an overview of challenges companies face as they work to comply with the new cybersecurity regulations and standards.
The recently announced “Refuse to Accept Policy” signed into law under section 524B of the Federal Food, Drug, and Cosmetic Act (FD&C Act) gives the FDA more traction to encourage the medical device manufacturing industry to utilize software bills of materials that help to incorporate supply chain security. The ISA/IEC 62443 series of standards defines a secure product lifecycle process that can be adopted by medical device manufacturers to identify and manage the security risks of all external components used within the product.