The FDA user-fee agreements bill was recently reauthorized, but without the previously introduced medical device cybersecurity rules, SC Magazine reported Sept. 29.
The cybersecurity rules would have required developers to create processes for identifying and addressing security vulnerabilities and threats for products brought to market.
Greg Murphy, CEO and president of computer security service Ordr, told SC Magazine the removal of the cybersecurity provisions "illustrates why healthcare organizations can't wait for government regulations before acting."
The bill passed in the House in June. It aimed to reauthorize user-fee agreements, target lower costs, support innovation and improve generic drug competition.