U.S. Reps Raise Medical Device Hacking Concerns

Published October 28, 2011

Reps. Anna Eshoo (D-CA) and Edward Markey (D-MA) asked the Government Accountability Office, Congress’ investigative arm, to evaluate efforts by the Federal Communications Commission and the FDA to protect medical devices using wireless technologies. The representatives make their request in mid-August.

Currently, there have not been any reports of anyone using an implanted medical device, but several experiments have demonstrated that such hacking is possible.

For example, researchers from the University of Massachusetts and the University of Washington reported in 2008 that they had been able to override the control mechanism of a pacemaker using a device that mimicked it, enabling them to access private data such as the identity of the patient and his or her diagnosis as well as the patient’s doctor.
Eshoo and Markey cited research conducted by Jay Radcliffe, a diabetic computer-security expert from Idaho, who demonstrated an unauthorized radio device he built to remotely manipulate his own wireless insulin pump during a digital self-defense conference in Las Vegas.

“I don’t believe this is much more than a theoretical problem,” said Devon Herrick, PhD, health economist and senior fellow at the National Center for Policy Analysis in Dallas, Texas. “Of greater concern is the potential for interference from the multitude of electronic devices people carry. Although the FDA regulates medical devices, it should be left up to the manufacturers to find ways to safeguard their products.”

Bruce Edward Walker ([email protected]) is managing editor of InfoTech & Telecom News.