Select Page

Author: William Hyman

Hacked Insulin Pump

The fact that connectivity, and perhaps wireless connectivity in particular, allows for hacking for mischief, theft, politics, social protest and other forms and varying degrees of evil should surely come as no surprise. In turn, that a wireless medical device might be hackable should be somewhere on the mind of developers, users, and regulators. Thus the report from the recent Black Hat conference that someone hacked an insulin infusion pump (not pictured above), and in so doing was then able to alter its settings, should also not be particularly shocking, but should serve as yet another reminder, that security associated...

Read More

FDA Addresses Mobile Medical Apps

As medical applications for mobile devices have proliferated,  regulatory questions have proliferated nearly as fast, at least in some quarters. The key questions are what kinds of apps are medical devices, and among those, which will the FDA focus on for regulatory action.  To date these apps range from home use  adviser’s, guides and “toys”, which may or may not have real health care implications, to serious medical devices which have clear health care functions, despite in at least some cases, pretending they do not really, perhaps in an attempt to avoid the FDA. On July 19, 2011 the FDA announced its proposed official action in this regard, including defining “mobile medical applications”  that are the subject of this action. (I will use the acronym MMA, although the FDA did not.) . This includes a new FDA web page for mobile apps (here), with links to a new Draft Guidance, information for consumers, and a press release. This action by the FDA has a parallel to the recent final rule on Medical Device Data Systems (MDDS), discussed by Tim here, which also addressed what is it, what is it not, and how that which is will be regulated. The Draft Guidance, dated July 21, 2011, defines an MMA as a “software application that can be executed (run) on a mobile platform, or a web-based software application that is tailored to a mobile platform but is executed...

Read More

Storms From the Cloud

Given the analogy between actual clouds and computer clouds, it now seems appropriate to extend the concept to storms that those clouds may bring. This was illustrated recently (April 21, 2011) when Amazon had a cloud outage (a mixed metaphor no doubt) in their Amazon Web Services business. This situation was covered by the NY Times (here), and the professional computer press (here) among others. As a result of Amazon’s problems some Web sites were reported to be down for as long as 11 hours, although actual loss of previously stored information has seemingly not been part of the problem–this time. However there is a related question for any new data that was or should have been generated during the outage. Where is it, and will the gap be properly filled in retroactively? The Amazon postmortem explanation has to be  what will be a classic, if it is not already a classic. In fact I can picture a pull down menu of explanations where this would have to be one of the choices. The explanation in short: a configuration error was made during a network upgrade. A far more detailed explanation was posted by Amazon here. From a Web page perspective an interesting aspect of the posted explanation is that while it is clearly on the Web site, it is not easily found, if it all, by starting...

Read More

Recent Tweets