Following news of a report that pointed to cyber vulnerabilities in its cardiac devices, St. Jude Medical, a Minnesota-based global medical device manufacturer, announced it is forming a cyber security medical advisory board (CSMAB) to help advance its cybersecurity standards.
As reported by Healthcare Informatics, in late August, a report from short selling firm Muddy Waters noted demonstrations of two types of cyber attacks against St. Jude’s implantable cardiac devices: a “crash” attack that causes cardiac devices to malfunction—including by apparently pacing at a potentially dangerous rate; and, a battery drain attack that could be particularly harmful to device dependent users.
In a press release announcing the creation of the cybersecurity medical advisory board, St. Jude Medical wrote, “We recognize that improving technology to address cybersecurity risks must be balanced with how to best care for patients benefitting from medical devices. Creating the CSMAB ensures we receive direct feedback from leading physicians on patient management considerations. St. Jude Medical’s ongoing commitment is to ensure our medical device ecosystem always puts patient safety at the forefront.”
“We are in the process of finalizing membership for the Cyber Security Medical Advisory Board, and we will announce its members once finalized,” Mark Carlson, M.D., chief medical officer at St. Jude Medical, said in a statement. “We anticipate this board will work with technology experts at St. Jude Medical as well as external researchers to help us maintain and enhance cyber security and patient safety.”