Cyber hacking and medical risks of innovative medical devices
Dr KK Aggarwal
Imagine someone hacking your insulin pump and increase or decrease doses of insulin delivered. Similarly, someone can hack your pacemaker functioning, your private health data from the cloud and use it the way they want.
DCGI has now issued certain models are vulnerable to hackers. The drug regulator has issued a medical device alert over four models of Medtronics. MiniMed Paradigm (MMT-715, MMT-712, MMT-722) and MiniMed Paradigm Veo (MMT-754) can be hacked by a person with special technical skills who could tweak insulin delivery dosage of the user patient.
These insulin pumps are designed to communicate using wireless radio frequency (RF) with other devices such as blood glucose meters, glucose sensor transmitters and certain CareLink USB devices. An unauthorised person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change the settings and control insulin delivery.
The DCGI has appealed to medical directors, healthcare professionals, distributors, users and staff involved in management of patients to check if the model and software version of the insulin pump fall amongst the four risky models. If they do, patients should switch to a model with more cyber security protection.
Patients should not share the pump serial number with anyone, and be attentive to pump notifications, alarms and alerts. A patient should monitor his/her blood glucose levels closely. Connect the Medtronic insulin pump to other Medtronic devices and software only. It is also advisable to disconnect the USB device from your computer when you are not using it to download data from your pump. [The Hindu]
Padma Shri Awardee
President Elect Confederation of Medical Associations in Asia and Oceania (CMAAO)
Group Editor-in-Chief IJCP Publications
President Heart Care Foundation of India