this post was submitted on 26 Sep 2024
1007 points (98.4% liked)

Technology

60042 readers
1944 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

Apologies for posting a pay walled article. Consider subscribing to 404. They’re a journalist-founded org, so you could do worse for supporting quality journalism.

Trained repair professionals at hospitals are regularly unable to fix medical devices because of manufacturer lockout codes or the inability to obtain repair parts. During the early days of the COVID-19 pandemic, broken ventilators sat unrepaired for weeks or months as manufacturers were overwhelmed with repair requests and independent repair professionals were locked out of them. At the time, I reported that independent repair techs had resorted to creating DIY dongles loaded with jailbroken Ukrainian firmware to fix ventilators without manufacturer permission. Medical device manufacturers also threatened iFixit because it posted ventilator repair manuals on its website. I have also written about people with sleep apnea who have hacked their CPAP machines to improve their basic functionality and to repair them.

PS: he got it repaired.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 2 months ago (2 children)

Medical devices are required to comply with 21 CFR 820 in the United States, which establishes quality management standards. This includes minimum standards for the software development lifecycle, including software verification and validation testing.

In the EU, broadly equivalent standards include ISO 13485 and IEC 62304.

If an OEM wants to do a software update, they at minimum need to perform and document a change impact analysis, verification testing, and regression testing. Bigger changes can involve a new FDA submission process.

If you go around hacking new software features into your medical device, you are almost certainly not doing all of that stuff. That doesn't mean that your software changes are low quality--maybe, maybe not. But it would be completely unfair to hold your device to the standard that the FDA holds them to--that medical devices in the United States are safe and effective treatments for diseases.

This may be okay if you want to hack your own CPAP (usually a class II device) and never sell it to someone else. But I think we all need to acknowledge that there are some serious risks here.

[–] [email protected] 2 points 2 months ago

Yeah, I'm a big right to repair person. But medical equipment is a different level. This isn't just affecting yourself, if a tech screws up people die.

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

Sure, there are risks, but if the alternatives are pony up $100k for a new exosuit, or just don't fucking walk again, I see why repair is an enticing option.