Bradley Merrill Thompson, a Member of the Firm in the Health Care and Life Sciences practice, in the Washington, DC, office, was quoted in an article titled "FDA Should Reassess Hacking Risk in Medical Devices, GAO Says."

Following is an excerpt:

Wireless medical devices should go through more stringent pre-market review and post-market surveillance to protect against information technology security threats that could impact safety and effectiveness, the Government Accountability Office concluded in a report to Congress.

However, the threat of an intentional hacking of a device must be weighed against potential adverse effects that could result from increased security measures, such as limiting a product's performance or battery life, GAO said in its report released Sept. 27 titled "Medical Devices: FDA Should Expand Its Consideration of Information Security for Certain Types of Devices." ...

Brad Thompson, an attorney who represents industry at Epstein Becker & Green, warned against over-reacting to "hypothetical" or "fantastical" problems.

"I just find it politically driven, this notion of trying to create fear out of the idea that somebody could hurt someone else anonymously," Thompson said. "That's not a new idea. The fact is that we're sort of jousting at windmills. We've never even seen this happen."

He pointed out that the some of the technical safeguards to mitigate cyber security threats could cost significant amounts of money and come with certain trade-offs for the devices in question, such as shorter battery life or usability issues.

"None of this activity that they're contemplating is either free or without trade-off," he said. ...

Thompson said industry is aligned with FDA on the need to do what it can to address the risks identified and enumerated in the GAO report.

"We want people to have confidence in the products that are implanted in them," he said.

Thompson called for a "rational balance in the middle, where we're doing what we should responsibly do, using passwords and encryption and other mechanisms that are being developed by the [information technology] experts to combat these random acts of disruption."

However, he added, he does not think wireless medical devices should necessarily be held to a higher standard than other industries that may be at greater risk of attack by hackers.

Jump to Page

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.