India Legal – July 13, 2019


Health/ Medical Devices


July 22, 2019


of insulin pumps made by the US company Medtronic, saying they pose a “cyber security risk” because unauthorised persons could wirelessly gain control over them. The July 2 alert cited an “urgent safety field notification” from Medtronic and a US Food and Drug Administration (FDA) warning on June 27 about the pumps—electronic devices that deliver insulin into the bloodstream.

An unauthorised person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change the settings and control insulin delivery. Unauthorised tampering with the settings could expose patients to the risks of fatal low blood glucose or high sugar levels.

The FDA warned all patients and doctors about Medtronic MiniMed™ insulin pumps and said that patients with diabetes using these models should switch their insulin pump to models that are better-equipped to protect against these potential risks.

Medtronic is recalling these pumps. The following alerts were issued by it: “One should keep insulin pump and the devices that are connected to the pump within your control. Never share your pump serial number. Be attentive to pump notifications, alarms, and alerts. Disconnect the USB device from your computer when you are not using it to download data from your pump.”

It was in March 2019 that the FDA issued a safety communication to alert healthcare providers and patients about cyber security vulnerabilities identified in a wireless telemetry technology used for communication between Medtronic’s implantable cardiac devices, clinic programmers and home monitors. Although the system’s overall design features help safeguard patients, Medtronic is developing updates to further mitigate these cyber security vulnerabilities. To date, the FDA is not aware of any reports of patient harm related to cyber security lapses. However, remote control of the device in the hands of unauthorised persons can be used to stop the delivery of a shock when it is needed or to give a shock when it is not needed.

In another case, the FDA, in October 2018, issued a safety alert that Medtronic was issuing a software update to address a safety risk caused by cyber security vulnerabilities associated with the internet connection between Carelink 2090 and Carelink Encore 29901 programmers. These were used to download software from the Medtronic SDN. This update was a voluntary recall by the manufacturer to address the safety risk.

There have been other warnings of software glitches. On April 11, 2018, the FDA approved a firmware update that was intended as a corrective action to reduce the risk of patient harm due to premature battery depletion and potential exploitation of cyber security vulnerabilities for certain Abbott ICDs (implantable cardiac defibrillators) and CRT-Ds (cardiac resynchronisation devices). “Firmware” is a specific type of software embedded in the hardware of a medical device (e.g. a component in the defibrillator).

It was in January 2016 that the FDA issued guidance outlining important steps that medical device manufacturers should take to continually address cyber security risks to keep patients safe and better protect public health. While manufacturers can incorporate controls in the design of a product to help prevent these risks, it is essential that they also consider improvements during maintenance of devices. The evolving nature of cyber threats means risks may arise throughout a device’s entire lifecycle.

All medical devices that use software and are connected to hospital and healthcare organisations’ networks have vulnerabilities—some we can proactively protect against, while others require vigilant monitoring and timely remediation. The FDA guidance also addresses the importance of information-sharing via participation in an Information Sharing Analysis Organisation (ISAO), a collaborative group in which public and private-sector members share cyber security information.
The draft guidance indicates that in

Insulin pumps (above) deliver insulin into the bloodstream. Unauthorised tampering with their settings could expose patients to the risks of fatal low blood glucose or high sugar levels.