(Reuters) – The U.S. Food and Drug Administration (FDA) said on Thursday it had identified three cybersecurity risks associated with certain patient monitors from Contec and Epsimed and urged healthcare facilities to mitigate those risks.
Patient monitors, used in both healthcare facilities and home settings, display vital patient information including temperature, heartbeat and blood pressure.
The FDA raised concerns about cybersecurity vulnerabilities in the patient monitors that could allow unauthorized individuals to access and potentially manipulate those devices.
The patient monitors could be remotely controlled by unauthorized users or may not function as intended, and the network to which these devices are connected could be compromised, the agency warned.
The FDA also said that once these devices are connected to the internet, they can collect patient data, including personally identifiable information and protected health information, and can export this data out of the healthcare delivery environment.
The agency, however, added that it is currently unaware of any cybersecurity incidents, injuries, or deaths related to these identified cybersecurity vulnerabilities.
(Reporting by Sneha S K in Bengaluru; Editing by Mohammed Safi Shamsi)
