FDA Safety Communication on Cybersecurity Vulnerabilities

Today, the U.S. Food and Drug Administration (FDA) issued a safety communication to alert health care providers and patients about cybersecurity vulnerabilities identified in a wireless telemetry technology used for communication between Medtronic’s implantable cardiac devices, clinic programmers, and home monitors. The wireless telemetry protocol has cybersecurity vulnerabilities because it does not use encryption, authentication, or authorization. The FDA has confirmed that these vulnerabilities, if exploited, could allow an unauthorized individual (for example, someone other than the patient’s physician) to access and potentially manipulate an implantable device, home monitor, or clinic programmer. Medtronic is working on security updates. The full safety communication is at: https://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm633960.htm

CSV Training Course

Learn FDA expectations for software validation for computer systems, quality system software, manufacturing and production process software, and engineering tools. Email training@softwarecpr.com for more info.

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN) and Italy.