Altered insulin delivery could lead to dangerously high or low blood sugar levels, the company noted.
Engineered miniature kidneys come of age
It sounds like the plot of a crime thriller, but both the FDA and Medtronic said there are no known cases yet of someone hacking an insulin pump.Dr. Caroline Messer is an endocrinologist at Lenox Hill Hospital in New York City. She said it's pretty hard to "imagine cyberterrorists plotting the deaths of patients with diabetes by manipulating the inputs in their insulin pumps."
But, she added that "out of an abundance of caution, it is clearly better for the FDA to take a proactive approach and recall Medtronic's more vulnerable pumps."
Dr. Joel Zonszein, director of the Clinical Diabetes Center at Montefiore Medical Center in New York City, agreed. He said that "cybersecurity vulnerabilities are a 'side-effect' of devices, and as is done with medications, we need to balance the benefits and harms."
Remote monitoring tools. At the end of 2012, 2.8 million patients worldwide were using a home monitoring system, according to a Research and Markets report. Monitoring patients' health at home can reduce costs and unnecessary visits to a physician's office. Mr. Higman offers the example of a cardiac cast with a pacemaker automatically transmitting data to a remote center. "If there's something wrong for a patient, they can be contacted," he says. "It's basically allowing other people to monitor your health for you. It may sound invasive but is great for patients with serious and chronic illnesses."
People with diabetes use insulin pumps -- compact computerized devices -- to deliver insulin throughout the day via a small tube inserted underneath the skin. The affected devices connect wirelessly to a patient's blood sugar meter and to a continuous glucose monitor, which tracks a patient's blood sugar level throughout the day. The pump's data can also be uploaded to a computer and sent to the patient's doctor.
The potentially vulnerable insulin pumps include Medtronic's:
- Minimed 508 (All software versions)
- MiniMed Paradigm (All software versions for 511, 512, 712, 712E, 515, 715, 522, 722, 522K, 722K)
- MiniMed Paradigm (Software versions 2.4A or lower for 523, 723, 523K, 723K)
- MiniMed Paradigm Veo (Software version 2.6A and lower for 554, 754)
- MiniMed Paradigm Veo (Software version 2.7A and lower for 554CM, 754CM)
More recent Medtronic insulin pumps, such as the MiniMed 620G, 630G, 640G and 670G, are not affected by this vulnerability, according to Medtronic. Zonszein believes that a vulnerability to hacking likely isn't limited to the recalled devices. He noted that there are a number of people who have created do-it-yourself automated insulin pumps that aren't regulated by the FDA. Because information to create these DIY systems is shared online, these devices could also be at risk, Zonszein said.
Telemedicine/telehealth. Studies consistently show the benefit of telehealth, especially in rural settings that do not have access to the same resources metropolitan areas may have. A large-scale study published in CHEST Journal shows patients in an intensive care unit equipped with telehealth services were discharged from the ICU 20 percent more quickly and saw a 26 percent lower mortality rate than patients in a regular ICU. Adam Higman, vice president of Soyring Consulting in St. Petersburg, Fla., says while telemedicine is not necessarily a new development, it is a growing field, and its scope of possibility is expanding.
He believes health care providers also need to be careful with the information they gather from patients' pumps. Proper firewalls are needed to maintain safety, confidentiality and privacy, according to Zonszein.
Read more about the recall on Medtronic's website .