Earlier this month, the Safe Repair Project hosted a panel at the National Foundation for Women Legislators (NFWL) annual conference, where participants discussed the growing movement of right to repair and the serious implications on patient safety if complex medical equipment were to be included in laws percolating among state houses in 2024.
Safe Repair Project Representative Tirzah Duren, tech expert Roslyn Layton and Indiana State Senator Jean Breaux made up the panel and hit on important points around device integrity, safety, regulatory challenges, and cybersecurity implications for allowing unfettered access to these devices.
Senator Jean Breaux spoke about the necessity of carve outs for certain devices in this type of legislation:
“I think that [right to repair] should have a tiered approach. It may be okay for your cell phone, it may be okay for your laptop, but certainly there need to be some carve outs for areas where it is not okay. And I think that having a medical piece of medical equipment, in which it has a lifesaving function or lifesaving functionality, there needs to be some assurance, some guarantee, that the replacement item or the repair item is one that has been overseen by the federal government and has been determined to be an appropriate application for the repair of that medical device, or that it has been sanctioned by the Original Equipment Manufacturer (OEM), the manufacturer of that medical device, as being acceptable and appropriate.
So, I think there needs to be some very clear delineation as to who and what has the ability to try the right to repair. And there need to be some very specific carve outs for safety and consumer protections.”
Roslyn Layton highlighted the cybersecurity implications of right to repair:
“There’s a lot of legal and intellectual property issues associated with [right to repair]. But for someone like me, who’s working with technology policy, I’m really concerned about when you connect an item in a medical setting or a setting with a broadband network where we have security risks, we have hacking risks, risks of malign equipment and intrusion that if anybody can go into that system, take it apart, break it apart, that can invite ransomware attacks. It can invite intrusion by foreign actors, hacking of personal data and so on. So that should not be the goal of this. There can be a balanced approach depending upon the products that are there. But the medical world is different. As a society, we decided that the world of medicine is going to be regulated because it’s important to us. We have to protect patient safety. We want to avoid people abusing others and also have standards.”
It’s quite clear that legislators should be nowhere near considering the inclusion of medical devices in prospective right to repair legislation. Patients who visit healthcare facilities with hopes of restoring their wellbeing’s should not have to ever question the integrity of the medical device their physician may rely on for their treatment. There’s no need to start now.