Anvisa has published Guide 38/2020, “Principles and Practices of Cyber Security in Medical Devices”. The content of the guide produced by the General Management of Health Products Technology (GGTPS), aligns with the International Medical Device Regulators Forum – IMDRF, as Brazil is a member.
The guide includes the following topics:
- to use a risk-based approach to the design and development of medical devices, with appropriate cybersecurity protections;
- to contribute to ensuring patient safety, performance and safety of medical devices;
- to point out that cybersecurity is a shared responsibility among all stakeholders, including, but not limited to, medical device manufacturers, healthcare services, users, Anvisa and those who encounter vulnerabilities; provide recommendations to stakeholders to help minimize the risk of patient harm during the product lifecycle;
- define terms and describe current best practices for achieving medical device cybersecurity;
- promote information sharing policies on cybersecurity incidents, threats and vulnerabilities to increase transparency and strengthen the response.
The guide is in force since its publication date (September 25, 2020) and is open to contributions from society until March 23, 2021.
Access the complete guide in the link below, available only in Portuguese:
Guide no. 38/2020:
About Global Regulatory Partners
Global Regulatory Partners Inc, (GRP) is an American company that provides regulatory affairs, clinical, quality and safety services to medical devices and pharmaceutical companies globally. GRP headquarters is located in Massachusetts USA and its main affiliates are located in China, Japan, Brazil, Mexico and Argentina. GRP helps many life science companies register their products in different countries in compliance with local regulations. To learn more, please contact us at firstname.lastname@example.org