JAMA: Cybersecurity Concerns and Medical Devices – Lessons from a Pacemaker Advisory

Interesting viewpoints from this Journal of the American Medical Association article on FDA’s August 2017 notice re: cyber security issues with certain pacemakers, including:

  • “This first widespread cybersecurity advisory involving a permanent medical device implant provides some insight into the ways in which the public experience with these types of medical device malfunctions might be improved.”
  • “Communications regarding widely used products for which multiple vendors exist in the marketplace should serve as opportunities to highlight current FDA and industry standards, and the degree to which similar products made by other manufacturers may be subject to similar concerns.”
  • “For devices such as pacemakers, it could have been anticipated that popular media reports of a “pacemaker recall” would capture the attention of many patients living with unaffected devices (including pacemakers made by other companies), who would wonder if their own device would be vulnerable to the same problem. Although it is not widely known if the vulnerabilities described for Abbott devices currently affect models from other manufacturers, prior research suggests that theoretically this may be the case, unless similar cybersecurity defenses have been incorporated into these implanted devices and base stations.
  • Thus, given the novelty of this event, the FDA might have leveraged the safety communication to specifically identify whether there is an industry-wide concern, and to clarify current security standards established by regulators for new device approval. This guidance might also proactively reassure the millions of patients who have pacemakers that are not subject to the advisory, a model for communication that may serve the public well going forward.”

Leave a Reply

Your email address will not be published. Required fields are marked *