FDA Raises Alarm Over Vulnerable Cardiac Diagnosis Tools

The devices are primarily used by hospitals to help monitor patients’ vitals and other health information, including their blood pressure and heart rate. In a note published earlier this week, the agency urged every facility using the tools to be wary of a bug, which could grant hackers remote access to them.

FDA warns hospitals about security flaws in some GE medical equipment https://t.co/v1vPM7rewd pic.twitter.com/POqkn6HcMa

— Engadget (@engadget) January 24, 2020

Defects Could Lead to Wrong Readings

The telemetry servers are usually placed within the nurse’s bay or at any other central location at the hospital. In its note, the FDA explained in its warning that these tools have a significant security flaw that could allow malicious parties to take control of the devices and manipulate operations. As the regulator explained, a corrupted device could easily be manipulated not to report signs of an impending cardiac anomaly, thus endangering a patient’s life. The devices could also be trained to make false alarms and readings, which could be deadly for patients and unnecessarily costly for hospitals. While both General Solutions and the FDA have confirmed that no fatal situations have come from this security flaw, they also urged hospitals to take the devices off their networks as a precaution. The agency confirmed that GE notified hospitals and healthcare facilities about the vulnerability last November. They also provided details for remedying the situation and getting a patch when the time comes.

Extra Policing for Health and Wellness Devices

The FDA has taken a particularly principled stand against technology being used in the healthcare space, mainly due to the reliance of healthcare practitioners on them. While companies have been quick to issue patches for security flaws also, pushing the patches onto the devices has been somewhat challenging. This is due to the process, which requires manual installation most of the time.

Medical Devices Very Vulnerable to Hacking, FDA Experts Warn https://t.co/z0zftZaTuB by @Medscape #health #technology #diabetes #cardiology

— Osagune (@osagune) September 18, 2019

Earlier this week, the agency gave regulatory clearance to VivaLINK, a Silicon Valley company that’s been developing a multi-vital patch and a software development kit. As the company noted, the patch is stuck to the skin and can detect RR interval, heart rate, patient movement, and cardiac arrhythmias such as atrial fibrillation. The tool comes with the electric components of an ECG, and accelerometer, a battery, and more. It is also reusable, which will make it a great choice for less opulent cardiologists, as most wireless cardiac monitors with its functionalities tend to be more single-use.

---

Images are courtesy of Shutterstock, Twitter, Pixabay.