The Food and Drug Administration's draft guidance for artificial intelligence-enabled medical devices reflects a major change in how regulators address software that changes over time.
The framework recognizes AI's ability to evolve while emphasizing patient safety, transparency and accountability, said Phil Englert, vice president of medical device security at Health Information Sharing and Analysis Center.
Under the non-binding guidance FDA released in 2025, manufacturers must account for risks unique to AI systems, including model drift, bias and data poisoning.
Rather than requiring static models, the FDA expects organizations to implement predetermined change-control plans that support monitoring, testing and auditability.
Englert, who predicts the FDA will finalize the draft guidance next year, also stressed the importance of collaboration between manufacturers and healthcare providers. Organizations need clear governance policies, approved AI tools and staff education programs that help manage emerging risks while protecting sensitive data, he said.
"A regulated medical device is meant to be stable, accurate and repeatable, right? And AI changes over time, it evolves its output, and so the FDA wanted to recognize that that's the case and put in some guidance, so that manufacturers and healthcare… understand these additional risks."
In this audio interview conducted with ISMG during the recent HealthSec conference in Boston, Englert also discussed:
Englert, vice president of medical device security at the Health-ISAC, has more than 30 years of technical and operational leadership experience in healthcare and life sciences. He was previously the chief product officer for MedSec, a cybersecurity consulting and services firm that focuses on hospitals and medical device manufacturers. Prior to that, he served as global leader for medical device cybersecurity at Deloitte, where he led client engagements developing medical device security programs.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。