You are here

Research: Software as a Medical Device and Cyber Security for Medical Devices

15 February 2019

Globally, regulators of therapeutic goods are faced with numerous challenges concerning emerging medical device technology. The Therapeutic Goods Administration (TGA) recognises that, to continue providing a clear regulatory environment for medical devices in Australia, it is essential that we engage with the medical devices ecosystem during the development of new regulatory recommendations and guidelines.

The TGA has commenced consultation, which includes research conducted by CSIRO Futures, in the areas of Software as a Medical Device (SaMD), and Cyber Security for Medical Devices. Regulation of SaMD is challenged by the emergence of new players that may not have had the opportunity to engage with the TGA, or are lacking an awareness of the regulatory requirements in Australia. Cyber security challenges arise due to the increasing impact and complexity of the cyber threat landscape, and the lack of current regulatory guidelines to effectively address this.

The TGA engaged CSIRO to develop reports for both SaMD and cyber security that will help shape recommendations moving forward.

Software as a Medical Device

CSIRO Futures have completed their mapping of the emerging innovation landscape.

To assist the TGA to identify stakeholders in this environment, CSIRO engaged with industry to understand their activities and their needs for further engagement in order to appropriately support their knowledge of regulatory requirements relating to medical software innovations. The TGA has received CSIRO's recommendations and has begun delivering new content to support the SaMD industry. This includes an updated webpage about the regulation of SaMD, and the first two of our webinars on digital technologies which were held on 7 February and 7 March 2019.

Keep an eye on the TGA's communication channels for more content related to SaMD and other digital technologies in 2019.

Cyber Security for Medical Devices

The TGA, with CSIRO Futures, ran a dual format consultation consisting of an auditorium presentation held in Canberra (14 September 2018) with a simultaneous live stream webinar. The consultation sought to explore and capture the complexities of the Australian medical device cyber security landscape before commencing the development of new industry guidance. The webinar recording is available for viewing online.

CSIRO also conducted research into medical device cyber security best practice. The outcomes of this research were used to inform a draft guidance document for cyber security of medical devices. The document targeted guidance to three groups: the medical device industry, users including hospitals and healthcare providers and consumers. The draft document was published for public consultation.

The TGA recently completed its consultation on the draft regulatory guidance for the cyber security of medical devices. Based on submissions to the consultation, the guidance has been revised for publication. A summary of the consultation outcomes and the submissions will be made available from the consultation page.