FDA isn't doing enough to prevent medical device hacking, HHS report says

The inspector general's office identified cybersecurity in medical devices as one of the top management problems for Health and Human Services.

(CNN)The US Food and Drug Administration is not doing enough to prevent medical devices such as pacemakers and insulin pumps from being hacked, a report from the US Department of Health and Human Services' Office of the Inspector General said Thursday.

"FDA had plans and processes for addressing certain medical device problems in the postmarket phase, but its plans and processes were deficient for addressing medical device cybersecurity compromises," the report says.
The report came after the inspector general's office identified cybersecurity in medical devices as one of the top management problems for Health and Human Services. The FDA is the division responsible for the safety of these devices.
The report says policies did not adequately address medical device cybersecurity problems, the FDA had not sufficiently tested its ability to respond to emergencies, and it did not have written standard operating procedures.