The US Food and Drug Administration warns against hackers accessing cardiac device implants, and has issued guidelines on how to protect against such threats.
A wireless transmitter used to send data from cardiac devices to health care providers, specifically the Merlin@home Transmitter manufactured by St. Jude Medical, was found to be susceptible to online attacks, according to the FDA.
While there have been no reports of actual hacking attempts, the possibility was so alarming that St. Jude decided to work with the FDA and the Department of Homeland Security to come up with a software patch that would protect the device and patients.
In an official statement, FDA officials said,
Many medical devices —- including St. Jude Medical’s implantable cardiac devices —- contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits.
The transmitters of these cardiac devices are kept at home and are used to monitor things like pacemakers, defibrillators or resynchronization devices. Data collected is sent to a medical provider or back to the patient. The transmitter also allows doctors to change the settings on these devices remotely, ABC News reports.
Dr. Leslie Saxon, chairperson of St. Jude Medical’s Cyber Security Medical Advisory Board, said, “As medical technology advances, it’s increasingly important to understand how innovation and cyber security impact physicians and the patients we treat.” She further explained, “We are committed to working to proactively address cyber security risks in medical devices while preserving the proven benefits of remote monitoring to assess patient status and device function.”
The new software patch allowed the FDA to rule that the health benefits patients enjoy by using the device outweigh the cybersecurity risks.
The FDA advisory comes amidst growing concerns in the medical community over how hacking could potentially affect the medical field, given the growing number of devices that are relying on wireless technology.
Patients who have transmitters are advised to stick to their routine check-ups and to keep their transmitters connected to WiFi so that it can upgrade with the new software patches.
