Category Archives: Ethics

cyber security copy

FDA confirms: Hacking a pacemaker only requires commercially available equipment

By: Giselle C. Matlis, Research Assistant

On August 29, 2017 the FDA published a Safety Communication, Firmware Update to Address Cybersecurity Vulnerabilities Identified in Abbott’s (formerly St. Jude Medical’s) Implantable Cardiac Pacemakers , where they announced that they have reviewed information concerning potential cybersecurity vulnerabilities associated with implantable cardiac pacemakers.cyber security copy

In its Safety Communication, FDA confirmed that if exploited, these vulnerabilities could allow an unauthorized user with commercially available equipment to access a patient’s device and could be used to modify programming commands to the implanted pacemaker.  This could result in patient harm from rapid battery depletion or administration of inappropriate pacing. At this point, there have been no known patient harm, however, the FDA has approved a firmware update that addresses these cybersecurity vulnerabilities and reduces the risk of exploitation and subsequent patient harm.

In fact, former Vice President Dick Cheney discussed his fears that terrorists could hack into his pacemaker, a fear he saw come to life while watching an episode of “Homeland.”Indeed, when doctors implanted Cheney’s pacemaker in 2007, they disabled the wireless feature out of fear that someone could manipulate it and disrupt his heartbeat.

The FDA has been warning about cybersecurity on medical devices for over a decade.  As Eric Luyer stated in his March 2017 article “the time to implement a proactive, comprehensive risk management program to eliminate cybersecurity threats is now”.

Cybersecurity of connected medical devices must be a key step in the design process.  Medical Device manufacturers must be proactive instead of reactive to cybersecurity concerns when developing new products.


With Growth Rates Stagnating In Developed Markets, What Is A Med-Tech Exec To Do?

Push for growth in emerging markets like Brazil, Russia, India and China (BRIC).
For some Med-Tech Companies, growth rates in emerging markets are double, triple and in some cases 10-fold those in the US and other developed markets. This trend was clearly evident as I listened to and reviewed transcripts from Q4 2012 earnings calls from Johnson & Johnson, Boston Scientific, and Medtronic.

While emerging markets continue to present significant growth opportunities, how can med-tech companies address the variety of needs and delivery models in these markets, while addressing increasing pricing pressures in developed economies?

Continue reading


Qualcomm Helps Bring Star Trek Technology to Healthcare

By Daniel R. Matlis

In 1966 the Star Trek television series introduced us to the Medical Tricorder – a hand held device used by doctors to diagnose diseases and collect vital medical information about a patient.   Forty-five years later this object of an active imagination may in fact become reality.


The X PRIZE Foundation and Qualcomm Foundation recently announced the Qualcomm Tricorder X Prize – a $10 million global competition to develop devices that will give consumers access to their state of health by using mobile technology.  Some of the technology needed to meet this goal has already been developed.

I recently had the opportunity to chat with Rick Valencia, VP and GM of Qualcomm Life about the Tricorder X Prize, Qualcomm Life’s 2netTM Platform and its impact on Healthcare.

“Up to 90% of health care spending today goes to managing chronic diseases,” commented Valencia.   There is a shift to a new model of health care delivery based on Accountable Care Organizations (ACOs).  The ACO mission is to keep patients healthier (and out of hospitals) through coordinated care.  Mobile communication devices play an important role in supporting this shift and making this goal more realistic.  “Hospital readmissions are a $25B problem in this country,” added Rick – enabling mobile devices to transmit medical data to health care practitioners on a periodic basis would enable early intervention.   Lower readmission costs will enable the market to support transformation to new health care models.

“Qualcomm’s 2net Platform and Hub were developed to be used in connection with wireless medical devices to support this transformation, “Rick stated.  It is important to note that both the 2net Platform and Hub are listed with the FDA as Class I Medical Device Data Systems (MDDS), which makes Qualcomm a medical device manufacturer.  The 2net Platform allows medical devices to connect via USB, Bluetooth or Wi-Fi to so that their data can be available across the continuum of care – an issue with managing chronic diseases.

“The beauty of the 2net ecosystem is that it provides medical device manufacturers with a one stop shop for wireless enablement of their devices.  It is also an open forum that encourages the creation of new healthcare apps,” noted Rick.  Using the 2net technology, data could be aggregated and analyzed for trends or anomalies.  The Platform connects patients with caregivers, family, and clinicians providing timely feedback.

Rick also pointed out that there are several benefits to device manufacturers around implementing this new technology:

  • It provides a means of getting data out of devices outside of the clinical setting:
  • It creates an interoperable ecosystem with medical devices, mobile medical applications and health service providers like hospitals; and
  • It provides system support for tracking and tracing.

“Wireless technology is the biggest platform on earth.  We need to leverage it in health care,” declared Rick.  That is reason why the Qualcomm Foundation joined with X PRIZE to challenge the industry to develop a global customer platform.

I concur with Rick, mobile devices are the most exiting tools available today to improve health care.


The Most Important Proposed FDA Rule No One Is Talking About

By James McCormack PhD

On February 19, 2010, FDA published a proposed rule [75 FR 7412] that, when finalized, will have a profound effect on sponsors and the relationship between sponsors and persons they hire to plan, design, perform, review, or report biomedical research.  The proposed rule titled, “Reporting Information Regarding Falsification of Data”, will require sponsors to report to FDA, information indicating that any person has, or may have, engaged in the falsification of data in the course of performing their duties. 

Why does FDA believe this regulation is necessary?  The answer to that question can be principally found in the disqualification of a clinical investigator, Dr. Robert A. Fiddes, in June 1999 (See FDA’s Debarment Order, Clinical Investigator Disqualification List, and the Notice of Opportunity for Hearing). Among the many acts of falsification, he created false case reports for subjects that were never enrolled or did not exist, forged signatures on informed consent forms for the respective subjects, falsified records of medical procedures that were never performed, substituted test results from subjects who met the study’s inclusion criteria and improperly substituted for other subjects who did not meet the inclusion criteria, and paid Individuals, who were not study subjects, to give specimens in place of false study subjects.  Although Dr. Fiddes conducted studies for 47 sponsors affecting over 90 applications his actions were not reported to FDA.  Out of concern for the integrity of the preclearance review process and the rights and welfare of research subjects, FDA investigated why such widespread falsification could have gone unreported.  The agency determined that there was some ambiguity in the regulatory requirements regarding what information and when sponsors were to report information on possible incidences of falsification.  Therefore, the agency has proposed this rule to clarify a sponsor’s reporting requirements for studies conducted by, or on their behalf, or a study on which a sponsor relies to support a product approval.

            What research is covered by the proposed rule?  The reporting requirements will apply to information related to studies including, clinical investigations, nonclinical laboratory studies, and clinical studies in animals.

            What products are covered?  All FDA regulated products; food, drugs (human and veterinary), biologics, and medical devices.

            What do sponsors have to report?  The proposed rule does not require sponsors to make a definitive determination of falsification or establish the intent of the person who may have committed data falsification.  A sponsor is responsible for submitting information that they are aware of that a person has, or may have, falsified data.  The agency intentionally did not propose a specific threshold of information or the form, quantity, or reliability of the evidence that a person may have falsified data.  It seems apparent that the agency intends the reporting requirement to be an intelligence gathering activity that will be subject to further investigation and evaluation before serving as the basis of administrative or enforcement actions.         

When do sponsors have to report?  Under the proposed rule sponsors are required to report information they have regarding falsification, or possible falsification, to the appropriate FDA Center, no later than 45 calendar days after becoming aware of the information.

How do sponsors distinguish falsification from unintentional errors?  This is perhaps the most intriguing question raised by the proposed rule.  The agency addressed the distinction by defining “falsification” as creating, altering, recording, or omitting data in such a way that the data do not represent what actually occurred.  The proposed rule provides examples of unintentional errors, e.g., typographical errors and transposed numbers or characters, and states that such events should not be reported under the proposed rule. 

The public comment period ended in May 2010.  It is likely that the rule be finalized soon and the biomedical research environment will change accordingly.  Sponsors will need to develop robust controls to assure that possible incidences of falsification are detected, evaluated, and reported and persons performing services for sponsors should consider implementing their own controls as sponsor scrutiny will certainly increase.    

Dr. James McCormack presently serves as the Vice President of Life Sciences Compliance, at IBM.  He previously served as the Corporate Vice President of Regulatory Affairs and Compliance at Charles River Laboratories following an 18-year career in FDA as a preclearance review scientist and as FDA’s Bioresearch Monitoring Program Coordinator. 

The views expressed in this article are those of the author and do not necessarily represent those of his employer, Life-Science Panorama, its editor or Axendia, Inc.