Jul 29, 2019

The US Food and Drug Administration has added a new standard developed by AAMI, ANSI and UL for safety of interoperable medical devices to its list of recognized consensus standards, providing a tool for manufacturers of interoperable products to demonstrate safety as well as cybersecurity risk management.

The standard, AAMI/ANSI/UL 2800-1:2019, establishes baseline requirements for safe and secure functioning of interoperable medical devices and systems, and identifies clinical and engineering characteristics necessary to support interoperability.

Now as an FDA recognized consensus standard, AAMI/ANSI/UL 2800-1:2019 may be used by US market registrants specifically to meet FDA guidance on design and premarket submission recommendations for interoperable devices.

“The issue of interoperability has become a major challenge especially for network-connected medical devices and systems,” says Anura Fernando, Chief Innovation Architect, Medical Systems Interoperability and Security at UL Healthcare. “Ensuring your device interacts effectively with other products and systems within a connected healthcare environment while at the same time building in defenses against cyber threats is both crucial and difficult for manufacturers and developers.

“By recognizing AAMI/ANSI/UL 2800 as a consensus standard, US FDA acknowledges the standard as an effective benchmark whereby interoperable device manufacturers can demonstrate safety and effectiveness,” Fernando adds.

FDA added a related standard, UL 2900-1 for network-connectable medical device cybersecurity, to its list of consensus standards in August 2017.

Learn more about US FDA cybersecurity requirements and standards for medical devices:

  • Cybersecurity risk management and procurement support
  • US FDA cybersecurity guidance consulting
  • Cybersecurity testing for network-connected software and medical devices
  • Webinar: Mapping cybersecurity standards to FDA guidance



  • Stewart Eisenhart