There is an increasing recognition of the need to improve cybersecurity in the healthcare sector (particularly relating to medical devices). For example, the Chairman of the House of Representatives’ Committee on Energy and Commerce recently asked HHS in a formal letter to “develop a plan of action for creating, deploying, and leveraging [bill of materials] for health care technologies,” which refers to the process of listing out medical device components (including software) and any known risks. The request comes on the heels of similar recommendations in the Health Care Industry Cybersecurity Task Force report and concerns raised by the WannaCry and NotPetya ransomware attacks (which we have covered previously – click here, here and here). For more information about this development, check out the blog article written by Sarah Stec and me on our sister health care blog, Triage.