Abstract
BackgroundMedical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting.MethodsWe used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices.ResultsReview of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism.ConclusionsOur review of recalls and adverse events from federal government databases reveals sharp inconsistencies with databases at individual providers with respect to security and privacy risks. Recalls related to software may increase security risks because of unprotected update and correction mechanisms. To detect signals of security and privacy problems that adversely affect public health, federal postmarket surveillance strategies should rethink how to effectively and efficiently collect data on security and privacy problems in devices that increasingly depend on computing systems susceptible to malware.
Highlights
Medical devices play a growing role in the care of millions of patients worldwide.[1,2] Devices for diseases ranging from heart failure to diabetes improve patient outcomes and may ease disease management.[3]
Food and Drug Administration (FDA) Enforcement Reports In order to identify a comprehensive denominator of medical device recalls, we accessed publicly available weekly enforcement report listings on the FDA website.[12]
Enforcement Reports We identified 1845 recalls issued from January 2009 to May
Summary
Medical devices play a growing role in the care of millions of patients worldwide.[1,2] Devices for diseases ranging from heart failure to diabetes improve patient outcomes and may ease disease management.[3] Recent innovations in medical device design include more complex diagnostics and the storage of patient data In many cases, this information can be transmitted directly to physicians or indirectly through a third-party provider, sometimes using wireless systems, to assist with diagnosis and management of chronic medical problems. Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.