The Food and Drug Administration (FDA) issued a recall last week on a number of Medtronic MiniMed insulin pumps. The high-tech pumps communicate with other devices, such as blood glucose meters, glucose monitoring systems, the remote control, and CareLink USB devices.
Because of a glitch in the software, they provide a cybersecurity risk too.
Medtronic patients were notified in a letter from the company that it’s possible for someone who is tech savvy to wirelessly change the settings that control the delivery of insulin.
The pumps in danger of a cybersecurity breach include all software versions of the MiniMed 508.
The MiniMed Paradigm is also at risk. The recall includes all software versions for the following models:
In addition, the MiniMed Paradigm software versions 2.4A and lower are affected for the 523, 723, 523K, an 723K.
Lastly, the MiniMed Paradigm Veo, software versions 2.6A and lower, are affected for models 554 and 754. The 2.7A and lower software versions of MiniMed Paradigm Veo models 554CM and 754CM also made the recall list.
United States patients that own one of the recalled insulin pumps should speak to their health care professionals about switching to a newer model. Medtronic is also offering users of the recalled pumps an exchange to a newer safer model. The newer Medtronic insulin pumps, such as the MiniMed 620G, 630G, 640G, and 670G, do not present a security risk.
Medtronic is offering a discounted price of $399 on newer model pumps through the end of 2019.
Better safe than sorry
In a statement from Suzanne Schwartz, MD, of the FDA’s Center for Devices and Radiological Health, she said, “While we are not aware of patients who may have been harmed by this particular cybersecurity vulnerability, the risk of patient harm if such a vulnerability were left unaddressed is significant.”
According to Dr. Schwartz, a medical device that connects to any communications network, like Wi-Fi or the internet, may be vulnerable to cybersecurity “hacks” by unauthorized users. At the same time, it’s important to remember that the ever increasing use of wireless technology in medical devices offers a safer, more convenient, and timely health care delivery.
If someone were to successfully connect with the MiniMed insulin pumps and change the pumps settings, the patient could receive too much insulin. This could lead to hypoglycemia. If it went the other way and insulin was stopped, the patient would be in danger of hyperglycemia and diabetic ketoacidosis. All of these are extremely serious and could prove fatal.
An ounce of prevention
Of course, it’s unlikely that a hacker would invade your insulin pump. However, patients that use one of those listed in the FDA recall should stop using it as soon as possible.
Your insurance may cover the expense of a new pump. Check that out first. If insurance doesn’t cover the pump and you can’t afford a new one, speak to your doctor about options. They will best know how to guide you.