We all know about Food and Drug Administration (FDA) food recalls. Remember the ban on romaine lettuce from Arizona? That was finally tracked down to a contaminated irrigation pipe. Quite a bit of tainted lettuce was eaten or discarded before that happened.
The FDA is in charge of more than just food. It also regulates and recalls medical devices. It is little appreciated that many medical devices nowadays either are essentially computers or contain subassemblies that are computers. So, they have all the issues that computers do: bugs, hardware failures, and cybersecurity risks.
Some medical devices, like bone screws, get recalled because they break before their intended end-of-life. Or because their sterile packaging does not protect them until the product’s expiration date. There are many others like this.
With medical devices involving computers, the reasons for recall are countless. Below are just a few:
Any of these could have results that are fatal.
Many medical devices are part of the “internet of things” (IoT) and communicate with each other or medical records systems via wires or wireless technology. Unfortunately, this means they are potentially “hackable.”
An intruder could say, cause an anesthesia cart to stop delivering an oxygen/anesthetic mixture and deliver only the anesthetic gas. This could kill the patient, while at the same time displaying results on the monitor that would indicate to the anesthesiologist that there was nothing wrong.
An implantable insulin pump could be wirelessly told to deliver a fatal overdose of insulin. Any device that is connected to a medical records system could be hacked to deliver false data. The possibilities are literally endless. And they are scary.
The FDA has a plan in place to dramatically improve its current surveillance of medical device problems. Obviously, this will involve a lot of infrastructure and database development and will involve all the usual privacy and security issues.
The FDA has in place a system of post-marketing surveillance that is designed to provide early warnings when problems arise in medical devices. Of course, there will be a wide learning curve. Checking the incoming data for indications of device problems is potentially an ideal application for artificial intelligence (AI).
The FDA has also issued guidance on cybersecurity to manufacturers of medical devices. That advice will strike cybersecurity experts as behind the curve:
So far, none of them address one of the most fundamental security flaws that repeatedly show up in software: elevation of privilege. Once a hacker has control of processes in the operating system (and even the most primitive devices have analogues of them), the hacker can create a Super-user who has control of the entire system and can bypass any security measures that are in place.
The software industry as a whole has no solution to this, because the concept of user privilege is fundamental to almost any operating system. The only way around it is to have “locked down” systems in which changes can be made only by the physical replacement of a chip. But that defeats all the advantages of the IoT and connectivity in general.
Medical device makers whose target market is medical professionals have focused on “more” –more accuracy, more graphics, better resolution, more connectivity, and so on – all of which translates into more expense.
With an increasing focus on costs in healthcare and with more devices aimed at consumers, the market will begin to ask, “What is good enough?”
Consumer-oriented blood glucose meters for diabetics are not as accurate as those designed for use in hospitals –but they are faster, far easier to use, and the newest designs do not require a fingerstick. Instead, they are read from a sensor stuck to the skin. Some newer hearing aids can be adjusted with a smartphone app, sparing the patient a visit to the audiologist.
The Holy Grail of consumer-focused medical devices might be this: an implantable device that will capture data on all critical physiological parameters and transmit warnings to the patient’s physician when something is out of line, or, in a real emergency, summon an ambulance. Smartphones can already broadcast locations to emergency medical services, adding the capability to transmit the patient’s physiological data.
This means that paramedics would arrive knowing what is wrong (heart attack, trouble breathing, severe blood loss) rather than having to assess the situation from a standstill. Of course, if the machine malfunctions or is hacked, it could send the wrong data to paramedics. Those dangers do exist and are very real. The hope for medical professionals is that we will find solutions to these problems so that medical devices can be counted on for accuracy and are oblivious to hackers.
Before we get to that place, we will need to find ways to ensure that our systems and medical devices are much more secure than they are at present, or we will widen the possibilities for disasters.