pfizer written response to abc7 questions
TRANSCRIPT
7/26/2019 Pfizer Written Response to ABC7 Questions
http://slidepdf.com/reader/full/pfizer-written-response-to-abc7-questions 1/2
Questions ABC7 presented to Pfzer ater the company declined an on-camera
interview:
1. When you acquired Hospira, were you aware of the cyber security vulnerabiltiews
in the suite of Hospira infusion pumps?2. What have you done to remedy the security vulnerabilities3. Have there been patches, rmware or software updates?. !he "#$ actually issued advisories about some of these products. What did %&er
do to respond to these warnin's meant for hospitals, medical professionals andconsumers?
(. Who is ultimately responsible for the safety of this equipment?). #oes %&er accept any level or responsibility should one of its medical devices,
*nown to have cyber security vulnerabilities, be hac*ed and intentionally or
unintentionally used to cause harm or death to a patient?+. We understand %&er and subsidiary, Hospira, has discontinued the manufacturin'
of the ymbiq -nfusion ystem. What steps have been ta*en, if any, to protect
health care institutions, who already own these machines, from bein' hac*ed?. Has %&er or any subsidiary of %&er replaced the manufacture of the /ymbiq
-nfusion ystem0 with other systems desi'ned to perform the same tas*s?. $nd if so, what steps have been ta*en to protect those new desi'ns from bein'
hac*ed?1. What steps have been ta*en by %&er or any subsidiaries to adhere to the
recommendations by the "#$, issued in anuary 21), as outlined in the attached
lin*?
http://wwwda!ov/"ews#vents/"ewsroom/PressAnnouncements/ucm$%&'(
%htm
11. -s %&er aware of, or had any complaints relative to any /patient adverse
events0 due to any hac*in' incidents on any machines manufactured by %&er or
any subsidiaries?
Pfzer)s response to the a*ove +uestions:
Cybersecurity in healthcare devices is an important issue that extends beyond infusion pumps. There
have been advisories issued on cybersecurity across the medical device industry. Exploiting
cybersecurity vulnerabilities requires penetrating several layers of network security enforced by the
hospital information system, including secure firewalls. These measures serve as the primary defense
against tampering medical devices. The cybersecurity protections on infusion pumps add an additional
layer of security.
Supporting safe and effective medication delivery is our priority. There are no known cybersecurity
breaches of ospira devices in a patient or clinical setting, and we have a dedicated team of internal
and third!party cybersecurity experts working to continue to ensure patient safety. ospira has worked
with "CS!CE#T and the $.S. %ood and &rug 'dministration (%&') as we have become aware of
reported vulnerabilities. *hen we have received reports, we+ve worked with customers to further
strengthen device security.
The Symbiq device that had been a part of the cybersecurity discussion is no longer on market. "t was
retired as a result of our -/ decision to focus on new technology. 0ur actions to address cybersecurity
in existing and new technology underscores our commitment in this evolving area.