Skip to main content
Home

Search

Header (Main)
Industry
Mobility Mobility
Automotive
Vehicle Electrification

Vehicle Electrification

Explore
Aerospace Engineering
Optimized Aircraft Downtime and Overhead Costs for a Leading Global Airline with Automated Analytics

Optimized Aircraft Downtime and Overhead Costs for a Leading Global Airline with Automated Analytics

Explore
Rail Transportation
Railway Track Inspection System

Railway Track Inspection System

Explore
Trucks & Off-Highway Vehicles
On the Road to Connected Mobility: An ER&D Perspective

On the Road to Connected Mobility: An ER&D Perspective

Explore
On the Road to Connected Mobility

On the Road to Connected Mobility: An ER&D Perspective

Explore
Sustainability Sustainability
Discrete Manufacturing & Industrial Products
Building Technology & Smart Infrastructure
Electrical Power and Controls
Industrial Machinery
Unlock the future of manufacturing with Factories of the Future

Unlock the future of manufacturing with Factories of the Future

Explore
Process Manufacturing
Oil & Gas
Chemicals
FMCG
ISG Provider Lens™ 2024: Oil and Gas Industry Services and Solutions

ISG Provider Lens™ 2024: Oil and Gas Industry Services and Solutions

Explore
L&T Technology Services and bp sign multi-year engineering services partnership

L&T Technology Services and bp sign multi-year engineering services partnership

Explore
Tech Tech
HiTech
Consumer Electronics
Media & Entertainment
NexGen Comms
Semiconductors
L&T Technology Services Secures $50 Million Deal as a Strategic Partner from a global Network Provider

L&T Technology Services Secures $50 Million Deal as a Strategic Partner from a global Network Provider

Explore
MedTech
Revolutionizing Endoscopy with Software-Defined Innovation in Collaboration with NVIDIA

Revolutionizing Endoscopy with Software-Defined Innovation in Collaboration with NVIDIA

Explore
Public Infrastructure & Smart Cities
Integrated Smart Surveillance Project

Integrated Smart Surveillance Project

Explore
Software & Platforms
LTTS & SymphonyAI to provide AI-based transformation

LTTS & SymphonyAI to provide AI-based transformation

Explore
Services
Digital Engineering & Consulting Digital Engineering & Consulting
Artificial Intelligence
Cybersecure
Security Monitoring
Security Services
Security Solutions
Immersive Experiences
Industry 4.0
Product Consulting
Sustainability Engineering
Sustainable Smart World
5G
LTTS Completes Acquisition of Intelliswift

LTTS Completes Acquisition of Intelliswift

Explore
Product Engineering Product Engineering
Software Engineering
Cloud Engineering
DevOps
Engineering Analytics
Immersive Experiences
Sustenance & Maintenance
User Experience
Voice Innovations
Embedded Engineering
Embedded Systems
Sustenance
VLSI
Wearables Engineering
Mechanical Design
CAE & CFD
CAx Automation
Testing & Validation
Integrated Design, Validation & Testing
Lab as a Service
Testing
Enabling a Paradigm Shift in Testing An LTTS AI Perspective

Enabling a Paradigm Shift in Testing An LTTS AI Perspective

Explore
Manufacturing Engineering Manufacturing Engineering
Smart Manufacturing
Accelerated Operations
Digital Factory & Simulations
Plant Design & Engineering
Supply Chain Engineering
Sourcing & Procurement
Manufacturing & Planning
Accelerated Operations
Digital Factory & Simulations
Line Expansion & Transfer
Manufacturing Automation
New Product Development
Plant Design & Engineering
PLM on Cloud
Manufacturing Execution
Agile Supply Chain
Content Engineering
Material & Parts Management
Sourcing & Procurement
Asset Reliability Centre

Asset Reliability Centre

Explore
Plant Engineering Plant Engineering
CAPEX Project E/EPCM Services
Operational Excellence
Plant Sustenance & Management
Material & Parts Management
Regulatory Compliance Engineering
ISG Provider Lens™ 2024: Oil and Gas Industry Services and Solutions

ISG Provider Lens™ 2024: Oil and Gas Industry Services and Solutions

Explore
Solutions
AiCE
AiKno®
AnnotAI
ARC
Asset Health Framework
CHEST-rAi™
Connected Security
EDGYneer
ESM
EvQUAL
FlyBoard®
Fusion
i-BEMS
Nliten
nBOn
PSM
SafeX
Semiconductor IP
Sensor & Gateway Solution
UBIQWeise 2.0
Insights
Analyst Reports
Blogs
Brochures
Case Studies
eBooks
Events
PoVs
Webinars
Whitepapers
Careers
About Us
Accolades
Alliances
Analysts
Board of Directors
CSR
Engineer At Heart
Engineering The Change
Investors
Nearshore Centers
News & Media
Quality Management
Corporate Sustainability
Testimonials
Contact
Header (Secondary)
Search
Mail
Country
EN
DE
JP
HE
Contact

Breadcrumb

  1. Blogs
  2. Industry
  3. 2023 US Omnibus Bill: Charting New Frontiers For Medical Device Security

2023 US Omnibus Bill: Charting New Frontiers For Medical Device Security

L&T Technology Services
L&T Technology Services

Author

Medical Devices

Published on 12 May 2023

min read

2023 US Omnibus Bill

The current state of healthcare cybersecurity is in a flux. Given the continuous rise in the number and extent of attempted and successful cybercrime incidents, healthcare organizations and medical device manufacturers today must have a robust vulnerability management and incident reporting process in place. After all, unaddressed cyber flaws in the medical equipment used by hospitals and clinics are similar to unsecured doors inviting intruders—or in this case, cybercriminals.

Early in 2023, the US Omnibus Appropriations Bill was approved, empowering the US Food and Drug Administration (FDA) with funding and the legal ability to regulate cybersecurity in medical devices.

This marks a new frontier in medical device security, since there is no legislation to specifically address medical device security requirements. Instead, each medical OEM has its own policies and procedures on how they manage cybersecurity for their devices(supporting systems) and offerings based on the guidance provided by FDA.

While in some cases these measures are adequate, in most instances, the cyber vulnerabilities persist.

A secure product development framework must now be implemented by manufacturers, in which cybersecurity is built into the devices. What this means is an adoption of the "secure by design" principle, ensuring the safety and effectiveness of a device with cybersecurity as an integral component, besides enabling a process for tracking vulnerabilities that may be discovered in the future after the product's release.

Device Security IS Device Safety

The Omnibus bill, signed into law in March 2023, goes on to state that the defined cybersecurity requirements must be met by all medical devices that contain software, may connect to the internet, or may be exposed to cyber threats.

It summarizes what the FDA's expectations will be from manufacturers with regard to the evidence they must supply, building on the FDA’s April 2022 advisory. As per its terms, any new application for the approval of a medical device must comply with:

Section 524B  - a

Pertaining to submitting a plan to monitor, identify and address (in a reasonable time), post market cybersecurity vulnerabilities, including, vulnerability disclosure and related procedures.

Section 524B – b

The design, development, and maintenance of processes and procedures to assure that the devices and related systems are cybersecure, and to make available post market updates and patches to the device/ related systems. This includes SBOM (software BOM) – commercial, OTS / open-source software components.

Section 524B - c

For software validated, installed, or authorized by the sponsor as device or in a device. This includes technological characteristics validated and installed by sponsor that could be vulnerable to cybersecurity threats.

Section 524B – d - Exemptions and Enactment date

There are some specified instances in the federal register – identified devices / category of devices – that are exempt from meeting the cybersecurity requirements. 

The Proposed changes are to be effective April 1, 2023 for all new submission by MedTech OEMs to the FDA.

What this means for you?

After the Omnibus Bill goes into effect, whoever submits a cyber-capable medical device to the FDA is required to:

  • Submit to the FDA Secretary a plan to track, recognize, and mitigate post-market cybersecurity exploits and vulnerabilities in a timely manner, including coordinated vulnerability disclosure and related procedures;
  • Design, create, and maintain processes and procedures to give a justifiable level of assurance that the device and associated systems are cybersecure, and make post-market updates and patches to the device and associated systems available to address:
    • Known unacceptable vulnerabilities on a justifiable regular cycle;
    • Critical vulnerabilities as soon as possible out of cycle; and
  • Provide to the Secretary of the FDA a software bill of materials, including commercial, open-source, and off-the-shelf software components.

As a medical device manufacturer, the revised landscape therefore offers new opportunities for you to deliver robust cybersecurity capabilities throughout the product lifecycle. In addition to meeting the statutory requirements, it would also help you unlock new value in the market with greater trust and confidence from your customers.

With the Act going in force, we can therefore expect to witness the rise of a revitalized  and secured cyber environment across the medical devices landscape, one that would help protect against the growing challenges of cybercriminals worldwide. 

Relevant Blogs

Mapping the Healthcare Digital Cloud Architecture: FHIR and EHR in MedTech
Restructuring Healthcare Delivery with Mobility and AR
SiMD/SaMD: Everything you need to know
Explore All

Stay Relevant With Us

Subscribe to our blogs

L&T Technology Services
L&T Technology Services

Author

L&T Technology Services Limited (LTTS) is a global leader in Engineering and R&D (ER&D) services. With 1,198 patents filed & 102 innovation and R&D design centers for 57 of the Global Top 100 ER&D spenders, LTTS lives and breathes engineering. Our innovations speak for themselves – World’s 1st Autonomous Welding Robot, Solar ‘Connectivity’ Drone, and the Smartest Campus in the World, to name a few.

LTTS’ expertise in engineering design, product development, smart manufacturing, and digitalization touches every area of human lives - from the moment one wakes up till the time one goes to bed. With 102 Innovation and R&D design centers globally, we specialize in disruptive technology spaces such as 5G, Artificial Intelligence, Collaborative Robots, Digital Factory, and Autonomous Transport.

LTTS is a publicly listed subsidiary of Larsen & Toubro Limited, the $21 billion Indian conglomerate operating in over 30 countries.

Footer Navigation
  • Industry
    • Mobility
      • Aerospace Engineering
      • Automotive
      • Rail Transportation
      • Trucks & Off-Highway Vehicles
    • Sustainability
      • Discrete Manufacturing & Industrial Products
      • Process Manufacturing
    • Tech
      • Consumer Electronics
      • MedTech
      • Media & Entertainment
      • NexGen Comms
      • Semiconductors
      • Software & Platforms
      • Public Infrastructure & Smart Cities
  • Services
    • Digital Engineering
      • Artificial Intelligence
      • Cybersecure
      • Security Monitoring
      • Security Solutions
      • Security Services
      • Immersive Experiences
      • Industry 4.0
      • Product Consulting
      • Sustainability Engineering
      • Sustainable Smart World
      • 5G
    • Product Engineering
      • CAE & CFD
      • CAx Automation
      • Software Engineering
      • Cloud Engineering
      • DevOps
      • Embedded Systems
      • Engineering Analytics
      • Integrated Design, Validation & Testing
      • Lab as a Service
      • Sustenance
      • Testing
      • Testing & Validation
      • User Experience
      • VLSI
      • Voice Innovations
      • Wearables Engineering
    • Manufacturing Engineering
      • Accelerated Operations
      • Agile Supply Chain
      • Content Engineering
      • Digital Factory & Simulations
      • Line Expansion & Transfer
      • Manufacturing Automation
      • New Product Development
      • PLM on Cloud
      • Plant Design & Engineering
      • Sourcing & Procurement
    • Plant Engineering
      • CAPEX Project E/EPCM Services
      • Material & Parts Management
      • Operational Excellence
      • Plant Sustenance & Management
      • Sourcing & Procurement
      • Regulatory Compliance Engineering
  • Engineering The Change
  • Careers
  • Engineer at Heart
  • Resources
  • Solutions
    • AiCE
    • AiKno®
    • AnnotAI
    • ARC
    • Asset Health Framework
    • CHEST-rAi™
    • Connected Security
    • EDGYneer
    • ESM
    • EvQUAL
    • FlyBoard®
    • Fusion
    • i-BEMS
    • Nliten
    • nBOn
    • PSM
    • SafeX
    • Semiconductor IP
    • Sensor & Gateway Solution
    • UBIQWeise 2.0
  • About Us
    • Accolades
    • Alliances
    • Blogs
    • Board of Directors
    • Careers
    • CSR
    • Events & Webinars
    • Investors
    • Media Kit
    • Nearshore Centers
    • News & Media
    • Quality Management
    • Resources
    • Corporate Sustainability
    • Testimonials
LTTS
  •  Twitter
  •  LinkedIn
  •  YouTube
  •  Facebook
  •  Instagram
  • Copyright & Terms
  • Privacy
  • Sitemap
  • info@ltts.com

© 2025 L&T Technology Services Limited. All Rights Reserved.