Medtronic gets FDA green light for iPad-based pacemaker programmer

The FDA has cleared a new device manager platform from Medtronic that allows physicians to program and download data from compatible cardiac implants using an iPad.

The medtech giant’s portable CareLink SmartSync system includes a patient connector and telemetry head, as well as a base station and pacing system analyzer, which all weigh just over two pounds when combined with the Apple tablet. It also uses Bluetooth to wirelessly communicate with its line of BlueSync-enabled devices.

Medtronic describes SmartSync as a next-generation programmer and pacing system that follows on from its CareLink 2090 device, which had its internet update functionality disabled by the company last year amid concerns that it might be vulnerable to cyberattacks.

A security gap had been identified in the update download process, which could allow the programming devices to be infiltrated with non-Medtronic software, though the company said at the time that it had not received reports of successful attacks or any patient harm. The 2090, as well as the similarly affected CareLink Encore 29901, can still receive software updates via a USB port.

"Clinicians will benefit from the portability that SmartSync offers, and because it was built to replicate the familiar CareLink 2090 interface, the transition to this new technology is quite simple," Rob Kowal, chief medical officer and vice president of medical affairs and business development of Medtronic’s cardiac rhythm and heart failure division, said in a statement.

The SmartSync with base station (Medtronic)

It is currently available at select sites, with a full U.S. product launch planned for August. The system also received a CE mark in 2018.

RELATED: Medtronic discloses wireless cybersecurity flaw in several implantable cardiac devices

In terms of security features, the SmartSync device manager and all of Medtronic’s BlueSync-enabled heart devices come with encrypted data, application and intrusion monitoring, as well as access restrictions to the device and data transmissions, the company said.

Earlier this year, Medtronic disclosed potential vulnerabilities in a separate wireless transmission protocol, Conexus, which uses a short-range radio to transmit unencrypted data while programming the devices or gathering data from the implants.

Though they could be susceptible to settings changes, Medtronic recommended the devices continue to be used, saying the benefits outweighed the practical risks—to be exploited, a cyberattacker would need to have specialized medical device knowledge and be physically near the device to transmit a signal, the company said.