Amid the growing chorus of critics worried for the security of medical device software, one industry heavyweight is hosting a sit-down with a patient who figured out how to hack its insulin pump. In public, even.
Medtronic ($MDT) has invited Jay Radcliffe to speak with the company's head of privacy and security at today's Amphion Forum, Bloomberg reports. Radcliffe, who has diabetes, made headlines last year when he demonstrated that he could hack and disable his Medtronic insulin pump using a radio frequency.
Reaching out to Radcliffe represents something of a sea change for the company. Back in August, when Radcliffe announced his discovery, Medtronic seemed to dismiss the threat, pointing out that he had access to "specialized equipment" and that, in 30 years of telemetric device use, there had never been a reported incident of a company tech being manipulated.
For Radcliffe, the company's change in tone is both a welcome validation of his work and, perhaps, a sign that the rest of the industry will start paying attention to its security critics. "If you would have asked me 10 months ago if I'd be on stage with them at a security conference, shaking hands and saying we're working together to make medical devices safe, I would have laughed," Radcliffe told Bloomberg.
As it turns out, the industry may have little choice but to take the issue more seriously. More and more device security issues are coming to light lately, including CareFusion's ($CFN) recently hacked ventilator software, and, last month, the Department of Homeland Security issued a warning to devicemakers about the susceptibility of their techs. In April, a federal board urged the FDA to reform its device-approval process to include mandatory vetting of software security, something the agency currently has the right to do but doesn't always pursue.
- read the Bloomberg story