Medical Devices: FDA Should Expand Its Consideration of Information Security for Certain Types of Devices

PDF Version Also Available for Download.

Description

A letter report issued by the Government Accountability Office with an abstract that begins "Several information security threats exist that can exploit vulnerabilities in active implantable medical devices, but experts caution that efforts to mitigate information security risks may adversely affect device performance. Threats to active devices—that is, devices that rely on a power source to operate—that also have wireless capability can be unintentional, such as interference from electromagnetic energy in the environment, or intentional, such as the unauthorized accessing of a device. Several experts consider certain threats to be of greater concern than others; for example, experts noted less ... continued below

Creation Information

United States. Government Accountability Office. August 31, 2012.

Context

This report is part of the collection entitled: Government Accountability Office Reports and was provided by UNT Libraries Government Documents Department to Digital Library, a digital repository hosted by the UNT Libraries. It has been viewed 30 times . More information about this report can be viewed below.

Who

People and organizations associated with either the creation of this report or its content.

Provided By

UNT Libraries Government Documents Department

Serving as both a federal and a state depository library, the UNT Libraries Government Documents Department maintains millions of items in a variety of formats. The department is a member of the FDLP Content Partnerships Program and an Affiliated Archive of the National Archives.

Contact Us

What

Descriptive information to help identify this report. Follow the links below to find similar items on the Digital Library.

Description

A letter report issued by the Government Accountability Office with an abstract that begins "Several information security threats exist that can exploit vulnerabilities in active implantable medical devices, but experts caution that efforts to mitigate information security risks may adversely affect device performance. Threats to active devices—that is, devices that rely on a power source to operate—that also have wireless capability can be unintentional, such as interference from electromagnetic energy in the environment, or intentional, such as the unauthorized accessing of a device. Several experts consider certain threats to be of greater concern than others; for example, experts noted less concern about interference from electromagnetic energy than other threats. Incidents resulting from unintentional threats have occurred, such as a malfunction resulting from electromagnetic interference, but have since been addressed. Although researchers have recently demonstrated the potential for incidents resulting from intentional threats in two devices—an implantable cardioverter defibrillator and an insulin pump—no such actual incidents are known to have occurred, according to the Food and Drug Administration (FDA). Medical devices may have several such vulnerabilities that make them susceptible to unintentional and intentional threats, including untested software and firmware and limited battery life. Information security risks resulting from certain threats and vulnerabilities could affect the safety and effectiveness of medical devices. These risks include unauthorized changes of device settings resulting from a lack of appropriate access controls. Federal officials and experts noted that efforts to mitigate information security risks need to be balanced with the potential adverse effects such efforts could have on devices’ performance, including limiting battery life."

Language

Item Type

Identifier

Unique identifying numbers for this report in the Digital Library or other systems.

Collections

This report is part of the following collection of related materials.

Government Accountability Office Reports

The U.S. Government Accountability Office (GAO) is an independent, nonpartisan agency that works for the U.S. Congress investigating how the federal government spends taxpayers' money. Its goal is to increase accountability and improve the performance of the federal government. The Government Accountability Office Reports Collection consists of over 13,000 documents on a variety of topics ranging from fiscal issues to international affairs.

What responsibilities do I have when using this report?

When

Dates and time periods associated with this report.

Creation Date

  • August 31, 2012

Added to The UNT Digital Library

  • June 12, 2014, 7:50 p.m.

Usage Statistics

When was this report last used?

Yesterday: 0
Past 30 days: 2
Total Uses: 30

Where

Geographical information about where this report originated or about its content.

Place Name

Publication Place

Map Information

  • map marker Automatically generated Place Name coordinates.
  • map marker Automatically generated Publication Place coordinates.
  • Repositioning map may be required for optimal printing.

Mapped Locations

Interact With This Report

Here are some suggestions for what to do next.

Start Reading

PDF Version Also Available for Download.

Citations, Rights, Re-Use

United States. Government Accountability Office. Medical Devices: FDA Should Expand Its Consideration of Information Security for Certain Types of Devices, report, August 31, 2012; Washington D.C.. (digital.library.unt.edu/ark:/67531/metadc295761/: accessed July 23, 2017), University of North Texas Libraries, Digital Library, digital.library.unt.edu; crediting UNT Libraries Government Documents Department.