The Food and Drug Administration (FDA) should develop and implement a more comprehensive plan to review and track information security risks for implantable medical devices that use hardware, software and networks to wirelessly monitor a patient's medical status, according to a new report from the Government Accountability Office (GAO). Potential vulnerabilities include untested software and firmware, limited battery life and unauthorized changes to device settings due to a lack of appropriate access controls, GAO states. In comments in the report, Health & Human Services concurred with the recommendation and described efforts FDA has initiated.

»More Information