security and privacy qualities of medical devices an analysis of fda postmarket surveillance安全和隐私的医疗设备质量分析fda时间监测.pdfVIP

Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance 1 1 2 2 2 Daniel B. Kramer *, Matthew Baker , Benjamin Ransford , Andres Molina-Markham , Quinn Stewart , Kevin Fu2, Matthew R. Reynolds1 1 Department of Medicine, Beth Israel Deaconess Medical Center, Harvard Medical School, Boston, Massachusetts, United States of America, 2 Department of Computer Science, University of Massachusetts, Amherst, Massachusetts, United States of America Abstract Background: Medical devices increasingly depend on computing functions such as wireless communication and Internet connectivity for software-based control of therapies and network-based transmission of patients’ stored medical information. These computing capabilities introduce security and privacy risks, yet little is known about the prevalence of such risks within the clinical setting. Methods: We used three comprehensive, publicly available databases maintained by the Food and Drug Administration (FDA) to evaluate recalls and adverse events related to security and privacy risks of medical devices. Results: Review of weekly enforcement reports identified 1,845 recalls; 605 (32.8%) of these included computers, 35 (1.9%) stored patient data, and 31 (1.7%) were capable of wireless communication. Searches of databases specific to recalls and adverse events identified only one event with a specific connection to security or privacy. Software-related recalls were relatively common, and most (81.8%) mentioned the possibility of upgrades, though only half of these provided specific instructions for the update mechanism. Conclusions: Our review of recalls and adverse events from federal government dat