Software's level of complexity and use is expanding at exponential levels. Likewise, the potential risks to health follow suit. Ransomeware attacks hold your software hostage until you pay hundreds or thousands of dollars. Life supporting and life sustaining healthcare grinds to a halt. Extracting personal healthcare information is another plague that has a huge financial incentive for hackers. Your software is running on thin ice.
The FDA looks at software in one of three ways: Standalone, such as for a mobile app; device-based software used to control a device's performance, or simply electronic records. FDA's risk classification will gradually clarify how it intends to manage the health risks with premarket and postmarket controls. What the FDA did not see was the cancer of cybersecurity attacks, the failure of interoperability, and the explosion in the use of wireless communication and mobile apps.
Inadequate cybersecurity programs and the lack of interoperability for healthcare users pose the greatest threat to any healthcare system. Software exploitations are using more sophisticated approaches and the hackers' programs are readily available on the "dark web."