UW Researchers Demonstrate How Implantable Cardiac Defibrillators Could Expose Patients to Security, Privacy risks

The research activities at the University of Washington (UW) in Seattle are often fascinating. I just read the other day that the UW, along with researchers from Harvard and UMass Amherst showed how it is possible for someone to extract patients’ private medical information from implantable devices. Not only that, but it is also possible to reprogram the medical settings without patients’ approval or knowledge.

The research has been reported widely in the medical community and in the press. According to the uwnews.org “In computer laboratory bench tests, the research team used an inexpensive software radio to intercept and capture signals sent from the implantable device. They were able to obtain detailed information about a hypothetical patient, including name, diagnosis, date of birth and medical ID number. Researchers could determine the make and model of the device and access real-time electrocardiogram results as well as data on the hypothetical patient’s heart rate and cardiac activity.“