AusBiotech is seeking contribution from affected members as it considers its response to the Therapeutic Goods Administration's (TGA) consultation on the International Medical Device Regulators Forum (IMDRF)'s Medical Device Cybersecurity Guide (MDCG) Working Group.
The consultation is now open and it seeks comment on the proposed document Principles and Practices for Software Bill of Materials for Medical Device Cybersecurity, which considers cybersecurity in the context of medical devices that either contain software, including firmware and programmable logic controllers (e.g., pacemakers, infusion pumps) or exist as software only (e.g., Software as a Medical device (SaMD)).
The scope of this guidance is limited to consideration of the potential for patient harm related to the regulated medical device. This includes, threats that could impact performance, negatively affect clinical operations, or result in diagnostic or therapeutic errors are considered in scope of this document. While other types of harm such as those associated with breaches of data privacy are important, they are not considered within the scope of this document.
The International Medical Devices Regulatory Forum (IMDRF) is a voluntary group of medical device regulators that was formed in 2012 with the purpose of building on the strong foundational work of the Global Harmonization Task Force (GHTF) to promote a regulatory model that responds to emerging challenges while protecting and advancing public health and safety. Australia's TGA is a current member of the Forum along with Brazil, Canada, China, the European Union, Japan, Russia, and the USA.
AusBiotech is currently consulting with its AusMedtech Regulatory Affairs Advisory Group to consider a submission in response to this consultation.