Cybersecurity: The need for data and patient safety with cardiac implantable electronic devices

Subrat Das, Gregory P. Siroky, Shawn Lee, Davendra Mehta, Ranjit Suri

Research output: Contribution to journalArticlepeer-review

9 Scopus citations


Remote monitoring of cardiac implantable electronic devices (CIEDs) has become routine practice as a result of the advances in biomedical engineering, the advent of interconnectivity between the devices through the Internet, and the demonstrated improvement in patient outcomes, survival, and hospitalizations. However, this increased dependency on the Internet of Things comes with risks in the form of cybersecurity lapses and possible attacks. Although no cyberattack leading to patient harm has been reported to date, the threat is real and has been demonstrated in research laboratory scenarios and echoed in patient concerns. The CIED universe comprises a complex interplay of devices, connectivity protocols, and sensitive information flow between the devices and the central cloud server. Various manufacturers use proprietary software and black-box connectivity protocols that are susceptible to hacking. Here we discuss the fundamentals of the CIED ecosystem, the potential security vulnerabilities, a historical overview of such vulnerabilities reported in the literature, and recommendations for improving the security of the CIED ecosystem and patient safety.

Original languageEnglish
Pages (from-to)473-481
Number of pages9
JournalHeart Rhythm
Issue number3
StatePublished - Mar 2021


  • Cardiac implantable electronic device
  • Cybersecurity
  • Data security
  • Hacking
  • Remote monitoring


Dive into the research topics of 'Cybersecurity: The need for data and patient safety with cardiac implantable electronic devices'. Together they form a unique fingerprint.

Cite this