In the wake of increasing concern about the security of wireless medical devices, a privacy and security advisory board is calling on the government to grant the FDA or other federal entity the authority to assess the security of devices before they’re released for sale to the market. The group also wants the government to establish a clear channel through the United States Computer Emergency Readiness Team for reporting security problems with medical devices — including pacemakers, defibrillators, and insulin pumps – so vulnerabilities can be easily tracked and addressed. Advances in technology have created numerous medical devices that can be monitored and controlled wirelessly to change settings and gauge that they’re operating properly. But vendors have failed to secure the devices to prevent an unauthorized party from communicating and tampering with them — a potentially deadly security problem. That prompted the Information Security and Privacy Advisory Board, which advises the National Institute of Standards and Technology (NIST) as well as the Office of Management and Budget, to send a letter to the latter office (PDF) on Mar. 30 calling for reform. The board noted in its letter that millions of software-controlled medical devices in the field put patients at risk of significant harm — among them military personnel and veterans who are treated in government hospitals.

More here:
Board Urges Feds to Prevent Medical Device Hacking