The Food and Drug Administration just released some surprising news that it found poor software quality is to blame for many of the recalls that have been seen in the medical device industry. The FDA’s research revealed that such glitches were responsible for 24% of all such recalls.
Given this revelation, the FDA’s Office of Science and Engineering Laboratories will now begin dedicating significantly more time testing software quality and security. The goal will be to help reduce the failure rate cited in the most recent annual report released just this week. The agency will increase its efforts to avoid injury or death thanks to poorly designed or written software.
In a statement, the FDA said that it is developing “techniques and laboratory expertise to assist our review staff in identifying potential vulnerabilities and evaluating risk mitigation measures.” The procedures the agency will put into place are in line with those in other regulated industries and are intended to be rigorous. The statement continued saying, “Manufacturers are responsible for identifying risks and hazards associated with medical device software/firmware, including risks related to security, and are responsible for putting appropriate mitigations in place to address patient safety.”
There are multiple potential problems associated with software issues in medical devices. The first is obviously the risk such a failure can pose to a patient’s health and safety. The less obvious, but nonetheless important risk is to a patient’s privacy. Such devices can store vast troves of sensitive personal medical data that if compromised could reveal far more than a patient would feel comfortable with. There are even some devices that are connected to networks and which could conceivably be vulnerable to hacking attacks.
It was just this past month that Google reported disabling a hacked website that existed to distribute software updates for an array of medical devices. Among the devices receiving updates from the website include AVEA ventilators.
In 2011 researches with UC Berkeley and Carnegie Mellon, among others, found vulnerabilities in the software used to regulate patient’s heartbeats in external defibrillators. The group said that, “Our assessment demonstrates real vulnerabilities in medical devices and their software and gives a first glimpse into the viability of malware that can be expected in software-based medical devices.”
In 2008, the FDA started building a national electronic safety system designed to monitor the performance of medical devices. The system is called the Sentinel Initiative and a pilot version of it is currently in use. Hopefully the agency gets its system up and running as the dangers of bad software in medical devices appear to be on the rise.
If you or someone you know have been injured by a defective product and you would like to discuss your case with an attorney, please call contact the Georgia product liability litigation attorneys at Pope McGlamry P.C. today to schedule a free consultation.
Source: “FDA: Software Failures Responsible for 24% Of All Medical Device Recalls,” by Paul Roberts, published at ThreatPost.com.