Medical Devices And Data Protection

Author:Mr Robert Bond
Profession:Charles Russell Speechlys LLP

During October 2014, a number of press announcements indicated a growing interest by Regulators in the impact that medical devices have upon personal data, and shows an increasing shift in attention on companies in the medical device and medical technology sector.

On the 1st October 2014 the US Food and Drug Administration (FDA) announced that it had finalised recommendations to manufacturers for managing cyber security risks in order to better protect patient health data and information.

In its recent survey about the use of medical devices, the UK Information Commissioner's Office (ICO) has indicated an increase in its attention on similar issues by gathering views on the types of medical devices being used in the UK and how they impact upon the collection and processing of personal data including the need for increased information security.

Conventional medical devices such as pacemakers, and other implanted devices, have for a number of years contained technology that is intended to manage the performance of these devices for the benefit of both the manufacturer and the patient but which raise concerns over the management of patient's personal data. For example, pacemakers may contain RFID chips to enable remote monitoring of the device and the...

To continue reading