FDA Safety Communication on Cybersecurity Vulnerabilities

Today, the U.S. Food and Drug Administration (FDA) issued a safety communication to alert health care providers and patients about cybersecurity vulnerabilities identified in a wireless telemetry technology used for communication between Medtronic’s implantable cardiac devices, clinic programmers, and home monitors. The wireless telemetry protocol has cybersecurity vulnerabilities because it does not use encryption, authentication, or authorization. The FDA has confirmed that these vulnerabilities, if exploited, could allow an unauthorized individual (for example, someone other than the patient’s physician) to access and potentially manipulate an implantable device, home monitor, or clinic programmer. Medtronic is working on security updates. The full safety communication is at: https://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm633960.htm

SoftwareCPR Training Courses:

IEC 62304 and other Emerging Standards Impacting Medical Device Software

Being Agile & Yet Compliant

ISO 14971 SaMD Risk Management

Software Risk Management

Medical Device Cybersecurity

Software Verification

IEC 62366 Usability Process and Documentation

Or just email training@softwarecpr.com for more info.

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.