Most of us own computers and cell phones, and as such, have been threatened with viruses, malware and other attacks. In the past, hackers have raged war on individuals as well as large corporations such as government agencies, movie studios and banks. Now, healthcare entities are being threatened by these cyberattacks, and as a result, patients are at risk.

Cyber security risk reduction for medical devices is not new to the FDA. The agency has been taking steps in this area since 2013, when its cyber security program was first developed.

Medical devices are becoming more technologically advanced than ever. While this is good news to some degree, it ultimately means these devices can be hacked. Researchers have discovered than many of today’s medical devices have vulnerabilities. These vulnerabilities can be used by hackers to gain access and control of a patient’s device. This can lead to dire, even fatal, consequences.

This may seem like a scary situation, but the good news is that the Food and Drug Administration (FDA) is taking steps to prevent this from happening. The agency is strengthening its cybersecurity program in an effort to protect patients.

Have Any Medical Devices Been Hacked?

Currently, there are no known situations in which a cyber security threat has impacted functioning of a medical device, and the FDA wants to keep it that way. The agency cannot let its guard down, as a serious cyber attack can happen at any time. Many medical devices are connected to technological networks, so the risk of threat is high.

On October 11, 2018, Medtronic announced new programming updates for its CareLink and CareLink Encore devices, models 2090 and 2990. The FDA Alert notes that these new programming guidelines are intended to improve security and functioning of these Medtronic devices in order to thwart potential cyber security attacks.

What Is The FDA Doing To Keep Medical Devices From Being Hacked?

  • The FDA has launched a cyber security playbook so that healthcare delivery organizations can be prepared in the event that a cybersecurity event does occur.
  • The FDA has also signed two agreements for shareholders. This will allow for more information to be shared so there is more transparency in regards to cybersecurity risks. From manufacturers to hospitals to doctors to government entities and researchers, all stakeholders play a role in reducing the risk of cybersecurity threats and protecting patients.
  • The FDA also offers pre-market guidance to help manufacturers understand potential cybersecurity issues so they can design safe devices.
  • Postmarket guidance is also offered where the FDA helps manufacturers prepare for possible cybersecurity threats so they can respond quickly without jeopardizing patient health. The FDA now has new recommendations for these types of guidance, so they will likely be updated in the coming weeks.

Defective Medical Device Attorneys Of Nadrich & Cohen

The attorneys of Nadrich & Cohen will continue to monitor cyber security issues surrounding medical devices such as pacemakers, defibrillators and other devices which require connectivity to computers/internet for proper functioning, reporting and updates.