St. Jude forms cyber panel after claims of heart-device bugs
By Jim Finkle
(Reuters) - Medical-device maker St. Jude Medical Inc said on Monday that it planned to set up a medical advisory board focused on cyber-security issues affecting patient care and safety.
St. Jude said in a statement that the group, known as the Cyber Security Medical Advisory Board, would provide advice on cyber security standards for medical devices.
The St. Paul, Minnesota-based company is establishing the group as the U.S. Food and Drug Administration investigates claims that St. Jude heart devices are riddled with defects that make them vulnerable to fatal cyber hacks.
The FDA launched that probe in August after short-seller Muddy Waters and cyber research firm MedSec Holdings said they had placed bets that St. Jude shares would fall after they discovered the alleged vulnerabilities.
“We take the cyber security of our devices very seriously and creating the Cyber Security Medical Advisory Board is one more demonstration of our ongoing commitment to advancing standards of patient care around the world without comprising safety and security,” St. Jude Chief Medical Officer Mark Carlson said in a statement.
The board, whose membership has yet to be finalized, will work with technology experts at St. Jude Medical as well as external researchers to help "maintain and enhance cyber security and patient safety,” Carlson said.
Suzanne Schwartz, a senior official in the FDA's Center for Devices and Radiological Health, said the agency supports efforts by medical device manufacturers to prioritize cyber security.
"Doing so in collaboration with other stakeholders such as cyber security researchers, health care providers, patients and government agencies, means cyber security vulnerabilities are more likely to be identified, assessed and fixed in a timely manner before they can cause patient harm," she said in a statement. Continued...