As part of its commitment to continuous improvement and the security of its electronic devices, St. Jude Medical Inc. has announced that it will immediately deploy the latest release of cybersecurity updates for its Merlin™ remote monitoring system that is used with implantable pacemakers and defibrillator devices. The improvements include security updates that complement the company’s existing measures and further reduce the extremely low cybersecurity risks.
All medical devices using remote monitoring are exposed to the risk of a potential cybersecurity attack. St. Jude Medical is not aware of any cybersecurity incidents related to a St. Jude Medical device, nor is it aware that any specific St. Jude Medical device or system in clinical use has been purposely targeted. In recognition of the changing cybersecurity landscape and the increased public attention on highly unlikely medical device cyber risks, we are informing the public about these ongoing actions so that patients can continue to be confident about the benefits of remote monitoring.
“There has been a great deal of attention on medical device security and it’s critical that the entire industry continually enhances and improves security while bringing advanced care to patients,” said cybersecurity expert Ann Barron DiCamillo, former director of U.S. CERT and advisor to St. Jude Medical’s Cybersecurity Medical Advisory Board. “Today’s announcement is another demonstration that St. Jude Medical takes cybersecurity seriously and is continuously reassessing and updating its devices and systems, as appropriate.”
“We’ve partnered with agencies such as the U.S. Food and Drug Administration (FDA) and the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) unit and are continuously reassessing and updating our devices and systems, as appropriate,” said Phil Ebeling, vice president and chief technology officer at St. Jude Medical.
As technology evolves, St. Jude Medical made seven software updates in three years to the Merlin@home™ transmitter alone, and it will immediately release its latest software update to Merlin@home™, which will begin to be implemented immediately. The update includes additional validation and verification between the Merlin@home™ device and Merlin.net. St. Jude Medical has collaborated with the FDA, DHS ICS-CERT and other regulators in implementing this update. The company also plans to implement additional updates in 2017.
As is always recommended, patients should make sure that their Merlin@home™ unit is plugged in and connected via landline or cellular adapter so they can receive these and any future automatic security updates. Physicians or patients with any questions should call the Merlin hotline at 877-696-3754 or visit www.sjm.com/Merlin for more information.
© 2018, TechNation Magazine. Site designed by MD Publishing, Inc.