On Oct. 18, the U.S. Food and Drug Administration issued new draft recommendations for medical devices’ cybersecurity designs that are intended to decrease the risk of device exploitability and patient risk. While many of these recommendations have likely been implemented by companies, there is concern the guidance could add more confusion than clarity for device makers.

The nonlegally binding suggestions are intended to serve as cybersecurity recommendations for premarket medical devices seeking approval from the FDA to enter the consumer market.