FDA Philippines
Philippines β FDA Philippines
AO 2018-0002 + FDA Circulars on SaMD and cybersecurity
Authority
Food and Drug Administration, Philippines, Center for Device Regulation, Radiation Health and Research
Enforced
2018
Legal framework
RA 9711 (FDA Act) + AO 2018-0002 + Data Privacy Act 2012
Scope
All medical devices marketed in the Philippines; SaMD scope expanding via FDA Circulars.
Pre-market
Risk-class registration; ASEAN CSDT template; FDA / CE accepted.
Post-market
Adverse-event reporting; National Privacy Commission breach notifications.
SBOM
RecommendedEncouraged for SaMD; not yet mandated.
Vulnerability disclosure
DICT-CERT coordinated disclosure recommended.
Penalty
Registration cancellation; Data Privacy Act fines and criminal liability.
Unique requirements
- 01Philippine License to Operate (LTO)
- 02Philippine Authorised Representative
- 03Filipino / English IFU and labelling
Highlights
- ASEAN CSDT template alignment
- Data Privacy Act overlay
- FDA / CE approvals accepted
Aligns with
Timeline
-
2018
AO 2018-0002 published
-
2023
SaMD and cyber circulars expanded
Key documents
Related markets
Frequently asked about Philippines
Is SBOM required for medical devices in Philippines?
Recommended. Encouraged for SaMD; not yet mandated.
What does FDA Philippines require for pre-market cybersecurity?
Risk-class registration; ASEAN CSDT template; FDA / CE accepted.
What are the post-market cybersecurity obligations under FDA Philippines?
Adverse-event reporting; National Privacy Commission breach notifications.
What is the penalty for non-compliance with FDA Philippines cybersecurity rules?
Registration cancellation; Data Privacy Act fines and criminal liability.
How much of my FDA cybersecurity package is reusable in Philippines?
Roughly 80% β an editorial estimate based on overlapping evidence requirements (threat model, SBOM, security risk assessment, pen-test report).