Written by : Jayati Dubey
January 31, 2025
The FDA warned that these devices could be remotely accessed by unauthorized individuals, potentially leading to manipulation of patient data or device malfunctions.
The U.S. Food and Drug Administration (FDA) has identified three significant cybersecurity vulnerabilities in certain patient monitors manufactured by Contec and Epsimed, urging healthcare facilities to take immediate mitigation measures.
Patient monitors, which track vital signs such as temperature, heartbeat, and blood pressure, are widely used in hospitals and home settings.
However, the FDA warned that these devices could be remotely accessed by unauthorized individuals, potentially leading to manipulation of patient data or device malfunctions.
The agency also expressed concerns that compromised monitors could pose broader security risks by exposing healthcare networks to cyber threats.
Additionally, if connected to the internet, these devices can collect and export sensitive patient data, including personally identifiable information and protected health information, beyond the healthcare environment.
Despite these risks, the FDA clarified that no cybersecurity incidents, injuries, or deaths have been reported in connection with these vulnerabilities.
In a separate development, at the start of the year, the FDA released its first-ever draft guidance on the use of artificial intelligence (AI) in drug and biological product development.
The guidance provides recommendations on how AI can support regulatory decisions regarding safety, effectiveness, and quality.
FDA Commissioner Robert M Califf, MD, reaffirmed the agency’s commitment to fostering innovation while ensuring the highest scientific and regulatory standards.
Stay tuned for more such updates on Digital Health News.