S. 3983, the Protecting and Transforming Cyber Health Care (PATCH) Act, was introduced on March 31, 2022 by Senators Tammy Baldwin (D-WI) and Bill Cassidy (R-LA). The bill would require manufacturers of cyber devices to include in premarket submissions to the Food and Drug Administration (FDA) information on cybersecurity that would demonstrate reasonable assurance of safety and effectiveness through the product lifecycle. Manufacturers would be required to furnish to the FDA a software bill of materials including commercial, open source and off-the-shelf software components included in the device, and to monitor postmarket cybersecurity vulnerabiities.
- Published: 24 April 2022 24 April 2022
- Last Updated: 24 April 2022 24 April 2022