FDA issues alert for infusion pump

The Food and Drug Administration (FDA) has issued an alert to users of a computerized infusion pump that communicates with hospital information systems via a wired or wireless connection over facility network infrastructures. The pump has serious cybersecurity vulnerabilities that could put patient safety at risk.

The FDA has strongly encouraged acute and non-acute healthcare facilities, such as nursing homes and outpatient care centers, currently using the Hospira Symbiq Infusion System, to discontinue use of these pumps and find alternative infusion systems as soon as possible.

According to FDA's safety communication, both the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team and Hospira are aware of the pump's cybersecurity vulnerabilities.

“This could allow an unauthorized user to control the device and change the dosage the pump delivers, which could lead to over- or under-infusion of critical patient therapies,” the alert warns. “The FDA and Hospira are currently not aware of any patient adverse events or unauthorized access of a Symbiq Infusion System in a healthcare setting.”

Healthcare facilities should disconnect the pumps from their networks to reduce the risk of unauthorized system access when switching to a different infusion system. However, providers also should be aware of the "operational impacts" of disconnecting the devices from the network. Providers must manually update drug libraries for each pump which “can be labor intensive and prone to entry error.”

The infusion pumps are no longer available for purchase through Hospira but the FDA is concerned that the product is still potentially available for purchase from third parties.

Beth Walsh,

Editor

Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.