site without changing your settings, you are agreeing to accept all cookies on the site.
November 2018 - Issue 6
Welcome to Battelle’s Medical Devices newsletter. We offer this newsletter as a service to our clients to keep you informed of the latest news from our researchers and the industry.
Battelle’s Medical Devices team can help you accelerate your medical product development timeline – from ideation to evaluation to commercialization. Our newsletter will help keep you up-to-date on cutting-edge medical devices work, including device security, drug delivery, usability testing and neurotechnology.
By Gaurav Sharma and Doug Weber
Bioelectronic medicine has shown tremendous promise for the treatment of a broad range of conditions, from heart arrhythmia to depression. To fully realize this potential, medical device developers will need to find ways to move beyond "set and forget" biostimulation devices to closed-loop systems that can provide more responsive and personalized treatments.
Drug therapies remain the standard of care for a broad range of medical conditions, including high blood pressure, chronic pain, autoimmune diseases, and psychiatric disorders. However, in recent years, bioelectronic medicine has risen as a viable alternative for the treatment of many disorders.
Bioelectronic medicine uses devices that connect to the brain or nervous system to monitor, stimulate, or modulate the electronic signals that enable communication between the brain and all body systems. By tapping directly into the body's own electrical communication system, bioelectronic devices can evoke specific responses, such as modulating blood pressure or heart rhythm, reducing inflammation in body systems, or stimulating muscles for sensory-motor rehabilitation.
Biostimulation is especially promising for management of neurological disorders and other chronic conditions that can be regulated through stimulation of the central or peripheral nervous system. Biostimulation devices implanted in the brain (known as deep brain stimulation, or DBS) already are in use for treatment of a number of neurological conditions, including essential tremor, epilepsy, Parkinson's disease, and dystonia. DBS has also shown promise in treating psychiatric disorders including depression, obsessive-compulsive disorder, and Tourette's syndrome, as well as some types of chronic pain.
The peripheral nervous system also can be targeted to treat many diseases. Promising applications include blood pressure management, treatment of inflammatory diseases such as rheumatoid arthritis or Crohn's disease, and management of chronic pain, especially low back pain or peripheral neuropathy. As more is learned about how the nervous system regulates body systems, the potential applications for bioelectronic treatments will continue to grow.
Biostimulation could provide significant advantages for treatment of many chronic conditions. Most drug therapies make their way throughout the body, which can lead to unwanted side effects. In addition, some drugs used to treat chronic conditions, especially those used to treat pain, can be addictive. Bioelectronic therapies, in contrast, can be targeted to specific parts of the nervous system, resulting in fewer side effects and less addictive potential.
Most bioelectronic devices used today — for example, pacemaker devices that control heart rhythm — are configured in the doctor's office with settings that are not changed between visits. These devices can respond to real-time changes only within the range allowed by these settings. This is similar to the way drug therapies are prescribed: the patient follows the prescribed regimen for a period of time and then goes back to the doctor, who will evaluate their response to the treatment and make adjustments to the prescription, if necessary.
A closed-loop system, in contrast, is able to continuously monitor specific body signals and make adjustments in real time as the body responds to external conditions, internal states, or to the device itself. A number of artificial pancreases currently under development for Type 1 diabetes provide examples of what this looks like in the pharmaceutical world. These devices are intended to monitor blood sugar levels and deliver the exact dose of insulin the patient needs. This allows such systems to adjust the delivery of insulin in real time to the patient's activity levels and eating patterns.
Closed-loop systems allow for tighter control of body systems that can be modulated by drug or bioelectronic therapies. Ultimately, this translates into better control of symptoms, with fewer side effects.
The development of closed-loop bioelectronic technologies would open up many more opportunities for novel treatments, and would make existing applications much more effective. For example:
A closed-loop biostimulation system requires several elements:
Ultimately, these devices will need to be delivered in an integrated, ready-to-use package that is easy for both prescribers and patients to use and understand, and requires minimal adjustment on the part of the doctor or the patient.
Currently, only a few clinical neuromodulation devices operate under closed-loop control, including a spinal cord stimulator for chronic pain relief and a neuromodulation device for epilepsy treatment. These devices provide two different examples of how sensors can be used to “close the loop”:
To get more closed-loop devices into the market, more research is needed along several fronts. Some of the most exciting opportunities for advancement include:
Currently, bioelectronic devices are often recommended only after patients have failed to respond to pharmacotherapies, which remain the standard of care for many medical conditions. As the industry evolves and the usability and efficacy of closed-loop bioelectronic devices improves, it is possible that some of these devices may become front-line treatment options for many conditions.
To get there, the devices will need to be smarter, less invasive, and easier to use. Ideally, they will work seamlessly and invisibly with body systems, so patients don't have to think about the device at all on a day-to-day basis. Developers also need to address cybersecurity risks for connected devices.
While much research remains to be done, the potential benefits for patients living with neurological disorders and other chronic conditions are tremendous. These devices will enable treatments that are more targeted, responsive, and personalized. "Closing the loop" will allow the industry to fully realize the potential of bioelectronic medicine.
About The Authors
Gaurav Sharma is the Lead Investigator and Senior Research Scientist on the Battelle Medical Devices and Neuromodulation team. His work — which applies advanced engineering to overcome problems in the human body and brain — has helped a paralyzed patient regain control of his hand and enabled delivery of drugs across the blood-brain barrier.
Doug Weber is Director of Neurotechnology Research and Development at Battelle. He is focusing on further development of Battelle NeuroLife, a neural bridging technology that allowed a paralyzed man to regain conscious, dexterous control of his hand and fingers. Doug is an Associate Professor in the Department of Bioengineering at the University of Pittsburgh with secondary appointments in the Department of Physical Medicine and Rehabilitation, the Department of Rehabilitation Science and Technology, and the Center for the Neural Basis of Cognition. He recently completed a 4-year term as a Program Manager in the Biological Technologies Office (BTO) at the Defense Advanced Research Projects Agency (DARPA) in Arlington, Virginia, where he created and managed a portfolio of neurotechnology programs, including DARPA’s Hand Proprioception and Touch Interfaces (HAPTIX), Electrical Prescriptions (ElectRx), and Targeted Neuroplasticity Training (TNT) programs.
This article was originally published in Med Device Online.
By Sagar Patel
Every day more and more electronic devices are “connected” and medical devices are no exception. Medical devices are connected to network servers for many end outcomes including, preventative diagnostics, patient-care management, medication adherence, and remote health monitoring.
While connectivity is revolutionizing the healthcare industry, protecting patient privacy and safeguarding data against obvious and non-obvious adversaries has been challenging. Free market economies have a history of under-valuing user privacy aspects to improve user convenience.
In response to this, the European Union (EU) introduced GDPR (General Data Protection Regulation), effective May 25, 2018, to increase the user’s role in data protection and provide users with autonomy regarding how their data is handled and safe-guarded. All companies fielding devices in the EU who store and control or process patient data are required to adhere to the GDPR and not adhering will result in financial penalties. Below are GDPR highlights for awareness and consideration for medical device manufacturers.
GDPR outlines the following three categories for clinical data:
Personal data concerning physical or mental health of a person
Personal data relating to inherited or acquired genetic characteristics of a person (genetic data)
For all data collection/processing methods, specific opt-in consent from the user/patient must be obtained. GDPR also mandates Private Impact Assessments (PIAs) for organizations that store/process patient data. A PIA is a process which assists organizations in identifying and minimizing the privacy risks of new projects or policies. Under GDPR, data protection regulators may carry out security audits for verifying regulation compliance. An audit would primarily involve obtaining access to any premises of the data controller and processor, including any data processing equipment and means.
One GDPR section which isn’t discussed in depth is data pseudonymization. Often copious amounts of data collected through connected medical devices is used to train machine learning algorithms, usually for predictive diagnostics. Current data collection means allow patient profiling based on multiple data points due to the nature of data collection methods. GDPR specifically calls for data processors/controller to implement data pseudonymization to mitigate profiling risks. This may involve dissociating the data from the user/patient and encrypting it, be it in transit or at rest.
In addition, GDPR provides patients several rights, including:
Right to be forgotten (erasure): User may request all data associated with them to be deleted from any data controller/processor.
Right to data portability: Allows individuals to obtain and reuse their personal data for their own purposes.
Right to be informed: Individuals have the right to be informed about the collection and use of their personal data.
Right to object: Allows individuals to object to the processing of their personal data in certain circumstances, such as for targeted marketing.
GDPR changes the way in which medical device companies need to think about and design medical devices with respect to communication, software updating, data storage and processing. While GDPR may initially seem overwhelming, organizations employing comprehensive user privacy practices will be well on their way to regulation adherence and data protection.
About the Author
Sagar Patel is a Cybersecurity Software Engineer at Battelle. He is lead engineer for Battelle's DeviceSecure Services and is a member of the Association for the Advancement of Medical Instrumentation (AAMI) Device Security Working Group.
This article was originally published in MDDI Online.
By Rick Brooks and Josh Branch
If your medical device has software, someday that software will need to be updated. Do you have a plan in place to ensure that updates can be made safely and securely?
Software updates are a fact of modern life. On the consumer side, we're all used to our phones, computers, and smart gadgets nagging us to download the latest patch and, occasionally, deciding to shut down of their own accord — usually at an inconvenient moment — to perform a critical update.
In the medical device world, the stakes can be much higher. A device that doesn't get a critical update when it is needed may be left with a security vulnerability that puts patient safety or data at risk. At the same time, the update process itself can introduce new security vulnerabilities.
While no medical device containing code is ever 100-percent secure, the industry has made significant improvements in device security over the last decade. However, once devices are released into the market, they are part of an evolving software and security ecosystem in which new vulnerabilities are discovered or introduced all the time. The FDA's postmarket guidance for medical device manufacturers recommends that the latter have a plan for patching software and firmware to address new vulnerabilities as they emerge; the 2018 Medical Device Safety Action Plan outlines the FDA’s intent to make this a requirement for device developers moving forward.
Medical device developers may want to send software or firmware updates for other reasons, as well. These include:
Regardless of the reason for the updates, device manufacturers must ensure that the update process itself is secure and does not introduce new vulnerabilities to the device. The best way to do this is proactively, by building into the device, from the very beginning stages of design, a secure update process. Manufacturers should look at several critical questions:
The FDA's Medical Device Safety Action Plan outlines evolving expectations for the medical device industry, including expectations for secure updates. Specifically, the FDA plans to:
Consider potential new premarket authorities to require firms, on the front end, to: (i) build capability to update and patch device security into a product’s design and to provide appropriate data regarding this capability to FDA as part of the device’s premarket submission; and, (ii) develop a “Software Bill of Materials” that must be provided to FDA as part of a premarket submission and made available to medical device customers and users.
What does this mean for device developers? First and foremost, it means that developers need to consider the update process on the front end, long before the device is released. Second, it will require developers to pay a lot more attention to the bits of code in their devices.
Creating a "Software Bill of Materials" (BOM) for each medical device (and each version of the device) is a good first step to proactive update management. The software BOM details all the pieces of code contained in the device, including the operating system; custom, in-house developed firmware and software; and code contained in third-party components, such as a Bluetooth processor stack, embedded microcontroller FW, or even fuse bit settings.
Keeping an accurate and up-to-date software BOM for every medical device in circulation — including the specific release version of each piece of code — will enable manufacturers to quickly identify which devices are impacted by an identified security vulnerability, and to develop effective response plans.
A secure medical device update plan encompasses several elements, including these steps medical device manufacturers should be taking already:
Start with secure design — First, make sure you are following up-to-date cybersecurity guidelines as you develop your device. These guidelines evolve quickly as new vulnerabilities emerge; if you don't have cybersecurity expertise on staff, it is usually prudent to contract with a medical device cybersecurity expert to evaluate your design plans.
Build or select hardware with updates in mind — When daily operation of the device requires minimal memory and processing power, device manufacturers may opt for hardware geared only towards those needs. That makes sense, especially when faced with size, weight, or cost constraints. However, updating the device may require more memory and processing power than is needed for standard operation of the device.
Make sure your device has enough memory and processing power to handle a secure update that includes modern cryptographic functions. This includes memory for secure key storage and processing power to handle cryptographic functions, such as digital signature creation/verification and data encryption.
Create a secure delivery mechanism for software updates — There are six key aspects to consider in developing a secure delivery mechanism for software updates:
Build fault tolerance into your update mechanism — A robust, fault-tolerant design must consider how it handles and recovers from typical faults that may occur during the update process, such as the loss of communication (network connectivity) or loss of power during an update. Devices with critical functions (e.g., pacemakers), or devices with low bandwidth connections (e.g., Bluetooth Low Energy), must consider how to expedite the update process and minimize downtime.
Consider how updates are triggered and timed — Automatic updates from the manufacturer’s website may be ideal to ensure prompt updates for some types of medical devices. However, for life-sustaining devices, applying a software update at an incorrect time can put patients at risk. The design must consider when it is authorized to install an update and who it has been authorized by. For example, a large hospital will want to test and validate a software update before they authorize the update to be installed on their devices.
A proactive approach to secure software updates will help medical device manufacturers avoid substantial headaches after the device is released. Incorporating secure design elements will ensure that medical devices can receive the updates they need to improve functionality, protect patient safety and data security, and maintain compatibility with other devices and systems.
About The Authors
Rick Brooks is the Director of Systems, Software, and Electrical Engineering, and DeviceSecure Services for Battelle’s Medical Device and Health Analytics Business. Rick leads an organization at Battelle that develops technology-enabled medical devices and software solutions. Over his career, Rick has served in a variety of roles for product development projects for the commercial, government, and medical products industries. He is a regular speaker and panelist at medical device cybersecurity conferences and an active member of the Association for the Advancement of Medical Instrumentation (AAMI) Device Security Working Group.
Josh Branch is a software engineer at Battelle with experience covering a diverse range of applications, including embedded and non-embedded software. His core skills include extensive development in C, C++, C#, and Java to target platforms including Windows Desktop, Microsoft Azure/AWS, Mobile Applications, Embedded Linux, and various microcontroller cores including ARM Cortex-M, AVR, and PIC. Josh leads software teams that develop technology-enabled medical devices, with a focus on transitioning cybersecurity improvements into production use.
This column was originally published on Med Device Online.
In recent years, our human factors researchers have been seeing a few persistent use errors in our usability studies that involve injection pens. Many home users—patients and caregivers—encounter confusion when interacting with the shields covering the disposable needles that are attached to the pens. One error in particular is severe and prevalent enough to have raised the FDA’s concern. To address it, they have issued a labeling change request to manufacturers.
The error in question occurs when a user does not remove the inner needle shield, then performs the “injection” without realizing that the tiny needle never entered the skin (which they very rarely feel anyway). He or she comes away assuming the injection was successful. In the case of someone who uses an insulin pen, these failed injections can cause a dangerous rise in blood sugar levels. The FDA has identified at least one death due to hyperglycemia that was related to this error.
Battelle is no stranger to dealing with these types of errors.
A large medical device manufacturer asked Battelle to perform a human factors study on an autoinjector. During the study we observed some inversions where users would have injected their thumbs instead of the desired injection site if the device they were using had been real. This inversion stemmed from the cap and button both being the same color, making it difficult for patients to determine which end had the needle when referring to the Instructions for Use (IFU). The client knew this was a risk, however, it wasn't possible for them to change the cap or button colors at this point in the process.
Learn more about how we solved this challenge.
Brain Computer Interface (BCI) neuroprosthetics show promise for improving paralyzed patients’ functional independence by enabling thought-control of robotic arms or evoking movements in the patients’ own limbs.
Battelle hosted a mini symposium on this topic during the 40th International Conference of the IEEE Engineering in Medicine and Biology Society.
The mini symposium – Technologies to Bypass Nervous System Injuries: The Path from Clinic to In-Home Use – was held on July 18 and was chaired by Battelle Senior Research Scientist Gaurav Sharma. Gaurav is the principal investigator on the Battelle NeuroLife® Neural Bypass Technology program.
Leading researchers in this field who participated in the symposium include:
The mini-symposium was well attended. It was a one-of-a-kind forum where technology developers and the user shared the stage and discussed device development from the user’s perspective. Topics discussed included user needs, current state-of-the-art of neuroprosthetics devices, barriers to clinical translational and the future roadmap. It was an interactive session with enthusiastic participation from the audience and an appreciation for the theme of the symposium that highlighted the role of users as research partners.
Jennifer Simkins has more than a decade of experience as a visual designer working within the healthcare and consumer industries. Read More