AL1874B - No Time to Comply: New FDA Product Security Requirements

On March 29th, 2023, FDA’s new product cybersecurity enforcement begins. December’s Omnibus Bill requires Medical Device OEMs to submit a Software Bill of Material (SBOM) and to use SBOMs to coordinate Post-Market product cybersecurity efforts. This legislation applies to all products (including legacy) with software defined components and is meant to replace the FDA’s proposed medical device cybersecurity requirements (taken from the PATCH Act).