I feel like maybe cybersecurity of implanted medical devices should be a basic requirement rather than a “we’ll get to that eventually” type of thing but it sounds like the FDA doesn’t agree. How can you reliably test the safety of a device if a critical component of the device’s safety is missing?
