![Sample our Medicine, Dentistry, Nursing & Allied Health journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5944/TOC-Subject-Sample-2021-Medicine-Dentistry-Nursing-Allied-Health.jpg"})
ABSTRACT
Introduction: Cardiac implantable electronic devices (CIEDs) integrate numerous automatic and monitor functions. Nowadays, most CIEDs are connected to the Internet (via Wi-Fi, Bluetooth or smartphone) to ensure remote monitoring of technical and clinical data: despite the importance of such a monitoring, especially from a clinical point of view, concerns have been raised about information (IT) security in terms of both privacy and security for CIEDs’ carriers.
Areas covered: This review will provide an outline of remote monitoring of CIEDs, main IT security issues that have affected them so far, main cybervulnerabilities and possible solutions.
Expert opinion: Although there is no evidence that cyber-attacks have been carried out against any CIED so far, they may occur in the future. Cyber-attacks are usually aimed at stealing sensitive information or granting access to the IT systems to which CIEDs are connected; the possibility of an active reprogramming of CIEDs by cyber-attacks is extremely low. Political, regulatory, scientific, and clinical integration is essential to provide not only effective IT solutions for CIEDs and their carriers, but also for the development of educational programs; it should also promote cooperation between stakeholders in order to reduce the risk of CIEDs’ cybervulnerability and increase patient safety.
Article highlights
Remote monitoring of cardiac implantable electronic devices (CIEDs) and their carriers (by means of Wi-Fi capabilities and transmission of data over the Internet) has become essential for clinical and technical evaluation: its efficacy has been proven in terms of patients’ outcome, survival, and hospitalization, and in terms of improvement in allocation of clinical resources.
Despite the clinical and technological relevance of remote monitoring, the transmission of sensitive data over the Internet may rise cybersecurity issues: via the Wi-Fi channel both CIED and its sensitive information may become visible outside the healthcare environment so that an attacker can tamper previously acquired messages, steal data, disable or manipulate CIEDs functions; moreover CIED with Wi-Fi capabilities may become a gateway to hospital networks and their information.
Passive cyber-attacks aimed at theft of sensitive information, and active ones, aimed at manipulation of information or pacing/defibrillation settings, are both theoretically possible, albeit to date no information of such an attack has ever been reported.
In order to make a CIED safe also from the point of view of cybersecurity and to minimize the possible presence of IT breaches, its software architecture must be adequate from the early stages of its development.
A careful and active role from regulatory authorities, scientific societies, health-care professionals, and patients is needed to adopt measures that guarantee safety for the individual and the community: for this purpose, an integrated work at all levels and by all stakeholders (devices’ manufacturers, control agencies, scientific societies, health-care personnel, and patients) is necessary, in order to improve safety and security for healthcare system, patients and CIEDs, as cyber threats are expected to increase in the future.
Declaration of interest
The author has no relevant affiliations or financial involvement with any organization or entity with a financial interest in or financial conflict with the subject matter or materials discussed in the manuscript. This includes employment, consultancies, honoraria, stock ownership or options, expert testimony, grants or patents received or pending, or royalties.
Reviewer disclosures
Peer reviewers on this manuscript have no relevant financial or other relationships to disclose.