Medcrypt, Inc. has announced its latest offering “FDA Cybersecurity Readiness Services” empowering medical device manufacturers (MDMs) to confidently navigate the U.S. Food and Drug Administration’s (FDA) Refuse to Accept (RTA) policy as well as the new Section 524B requirements stemming from the Consolidated Appropriations Act, 2023.
The RTA policy evaluates the acceptability of medical device submissions, focusing on crucial elements, including cybersecurity, and may result in refusal if requirements from the amendment of the Food, Drug, and Cosmetic Act (FD&C Act) are not met. Medcrypt’s comprehensive services also prioritize the FDA’s eSTAR, a now mandatory FDA program that guides manufacturers in documenting and describing to the FDA their cybersecurity efforts for all 510(k) submissions, unless exempted. Both initiatives were issued by the FDA with an effective date of October 1, 2023.
Medcrypt’s FDA Cybersecurity Readiness Services streamline MDMs’ FDA journey, catering to those preparing, submitting, or already encountering issues:
- FDA Cybersecurity Filing Readiness Survey: This free assessment for MDMs helps gauge submission readiness with survey questions aligned with the FDA guidance, including RTA/eSTAR and provides valuable insights into the risks to acceptance.
- FDA Cybersecurity Filing Remediation: For MDMs who do not pass the FDA Filing Readiness Survey or have received an FDA refusal, Medcrypt’s experts can help identify gaps and create a prioritized plan to rectify issues, ensuring the submission becomes acceptable.
- FDA Cybersecurity Submission Readiness: Aimed at MDMs with submissions either already under FDA review or planned for the near future, this service offers a comprehensive review using MedCrypt’s unique framework to ensure cybersecurity compliance.
- Hold Letter Cybersecurity Response: In the event of an FDA hold letter, Medcrypt provides immediate guidance to navigate the response process effectively.
“We developed the FDA Cybersecurity Readiness Services to address the growing demand from medical device manufacturers seeking guidance through the complex and evolving submission process. Our goal is to equip MDMs with comprehensive insights into cybersecurity gaps, enabling them to prioritize and manage these gaps efficiently,” Naomi Schwartz, senior director of quality and safety at Medcrypt.
Seth Carmody, VP of Regulatory Strategy at Medcrypt, shared, “Our program is led by experts who have previously held cybersecurity roles at the FDA, worked in medical device manufacturing, or comparable industries. This expertise ensures that our services meet the highest standards and help our customers successfully navigate the FDA’s stringent requirements.”
For MDMs, these services streamline the submission process, saving time and fostering confidence in meeting FDA requirements. Regulators also benefit from better-organized submissions, adhering to guidance and providing contextualized cybersecurity design and validation details as expected by the FDA. Medcrypt’s primary objective is to support MDMs facing new submissions under cybersecurity draft guidance and needing to comply with the amendment to the FD&C Act (Section 524B). In addition to assessing the pivotal role of FDA Cybersecurity Readiness Services, Medcrypt’s supporting product portfolio includes additional innovative products that address vulnerability management, network encryption, and cryptography.
Interested in ensuring your medical devices comply with FDA cybersecurity expectations (both requirements per the Act and recommendations per cybersecurity guidance)? Inquire with MedCrypt to learn more about our FDA Cybersecurity Readiness Services, designed to guide medical device manufacturers through the new 510(k) eSTAR submission requirement and the cybersecurity Refuse to Accept (RTA) policy and streamline the path to regulatory approval.