Tom Cotton warns of cyber threat from Chinese medical devices

Sen. Tom Cotton (R-AR) asked the Food and Drug Administration to tighten regulations on medical devices made in China to protect patient data and the integrity of hospitals after a series of incidents of cybersecurity breaches.Cotton, the chairman of the Senate Intelligence Committee, asked acting FDA Commissioner Kyle Diamantas in a Tuesday letter to revise the agency’s standards for certifying medical devices by requiring older technology to undergo a cybersecurity clearance similar to that used for new devices.The FDA began requiring medical devices to demonstrate enhanced cybersecurity safeguards to receive FDA premarket clearance in March 2023, but older devices still on the market do not require the same type of testing.

Cotton said in the letter, also sent to the Cyber and Infrastructure Security Agency, that “more must be done to protect Americans from compromised medical devices.”

“American patients’ exposure to compromised Chinese-made medical devices poses a risk to both national security and public health,” Cotton wrote.

The letter comes following the FDA’s discovery last year that the device Contec CMS8000, a popular medical monitor that tracks patients’ vital signs, would automatically extract patients’ personally identifiable health information when connected to the internet.