Medical device testing is essential for the safety of patients and the efficacy of their treatment.
It is therefore terrifying when a potential problem is flagged, as has happened recently with the recall of Medtronic’s MiniMed 508 and MiniMed Paradigm series pumps in the US.
Not only are these older pump models open to hacking over wireless networks, people who hack them could potentially control the dose of somebody’s which if done incorrectly could lead to hyperglycemia if too little were administered, and hypoglycaemia and even coma and death if too much were given.
“While we are not aware of patients who may have been harmed by this particular cybersecurity vulnerability, the risk of patient harm, if such a vulnerability were left unaddressed, is significant,” Suzanne Schwartz, MD, of the FDA’s Center for Devices and Radiological Health, said in a statement.
Over 4,000 patients have been identified for the recall, which is taking place as the manufacturers cannot come up with a software update that will provide a security patch for this risk. It has been advised that patients immediately change their device to a newer model without the risk attached to it. However, the cost of these devices runs to thousands of dollars.
The news follows on from warnings in March from the FDA about cybersecurity risks surrounding Medtronic’s implantable cardiac devices and telemetry systems and has encouraged all device manufactures to consider cybersecurity risks in development at implementation.