Texas Governor Greg Abbott has ordered an investigation into claims that some medical devices used by hospitals are gathering data and sending it to China without the consent of patients or the medical establishment.
Eight months ago, the US Food and Drug Administration warned of cybersecurity "vulnerabilities" in certain devices that create risks for hospitals and especially patients in several different ways.
KPRC 950 am Radio's "High Tech Texan" Michael Garfield commends the governor, saying it's the right of the state "to make sure devices are in compliance and that they're keeping out data safe."
And that is potentially a huge problem in this case: first, data could be collected from patients using the monitor if it is also connected to the internet.
If true, Mr. Garfield says, such gathering of information would not be unusual by today's device standard.
With phones, laptops, even home appliances, "we're giving data, we're giving our location, we're giving our consent in many cases.
"Listen, we love our phones, but if you turn off all of those approvals, those end user license agreements on every app we use - you know, no GPS for your maps -- your phone becomes a brick, we have to give something in order to get.
"And Governor Abbott sees that there are medical devices that could get your data," he says, and your data needs to stay safe -- and if it's being shared with your insurance company, much less another nation, it's each individual's right to know it.
But there's a darker aspect here, too.
As the FDA put it, "The software on the patient monitors includes a backdoor, which may mean that the device or the network to which the device has been connected may have been or could be compromised.
LAnd "Once the patient monitor is connected to the internet, it begins gathering patient data, including personally identifiable information (PII) and protected health information (PHI), and exfiltrating (withdrawing) the data outside of the health care delivery environment," the FDA said in a statement.
"These cybersecurity vulnerabilities can allow unauthorized actors to bypass cybersecurity controls, gaining access to and potentially manipulating the device," and there's no guarantee that these actions, or the actions of harvesting data, are not being initiated by the ruling Chinese Communist Party (CCP), which is well-known for keeping close data collection ties to China's manufacturing and electronics sectors.
"