Why can't pacemaker users read their own medical data?

In this ten minute TEDx talk, Hugo Campos explains his frustration with the fact that his pacemaker is designed to let his doctor read his biometric status, but to stop the patient from doing the same. As a result, Campos isn't able to use his pacemaker as a diagnostic tool to help make good choices about eating, exercise and other activities. He writes,

I have an implantable cardioverter defibrillator (ICD) for primary prevention of sudden cardiac arrest. I have been fighting for my right to access the data collected by the ICD for about 3 years now, without much success. Data about my heart is regularly collected from the implanted device by its manufacturer over remote monitoring.

The modern ICD is a sophisticated computer capable of detecting and treating malignant arrhythmias. It is also capable of wireless telemetry, a feature that is used by all device manufacturers for remote patient monitoring. Today, there are about 5 top manufacturers of pacemakers and ICDs and 1MM patients being remotely monitored on a regular basis. Not a single one of these patients is allowed access to their device's data.

I am sure you'd agree that this is an objectionable practice and it must be stopped.

TEDxCambridge - Hugo Campos fights for the right to open his heart's data


  1. All patient data is considered ‘locked down’ to protect the patient via HIPAA act. Especially wireless transmissions.  I take issue that ‘can not access this data” as your Doctor could provide the secured data in their files on request from the patient. Tho, not in ‘real time’ which I think is the complaint.

    Imagine if this was NOT the case…..an insurance company, a loan company, a employer would have access to open data to scan your pacemaker to make choices for your employment, loans, or health insurance; with an ‘open source’ scanner that would scan potential employees, loan approvals, etc.

    So, on the flip side..if that pacemaker was ‘open source’ with easily scan-able devices, we’d be complaining about that lack of privacy.

    Of course there could be expensive technological solutions..for patients to access their personal data, with privacy controls.

    1. Of course there are cheap, convenient technological solutions for patients to access their personal data, with privacy controls.

      1.  I don’t think it’s a big corporation conspiracy as it’s relatively new tech to xmit data wirelessly from implanted devices. (well, not completely new, but locking down the free transmission of data is rather new)
        I too would like real time access to data for such thing for myself.
        You can access your personal Data via your doctor….but not in real time.

        But I would not like a open access, easily ‘hackable’ information transfer.

        In this case, the ability could be a benefit for the patient. And perhaps, a reasonable solution can be found that does not raise cost for most patients, and allows those that want real time feed-back could be implemented.  Which does make the talk, and concerns important issues for patient access to real time implanted devices.

        The privacy concerns of an open source solution would be the least desirable solution.

        1. Modern cryptographic tools are most often open source. Access to data is easily protected.

          I think you mean you don’t want others to have open access to your data. Of course not.

        2. The privacy concerns of an open source solution would be the least desirable solution.

          You’ve got a profound misunderstanding of the technology.  The things you are saying are completely nonsensical.  The NSA uses open source solutions because they are superior to proprietary; and OpenSSH is both free and equivalent to  the state of the art in privacy.  I can far more readily compromise the data at your doctors’ office than in an SSH tunnel, which can be trivially implemented on ridiculously cheap hardware.

          Wait, I’ve been trolled, haven’t I?

    2. I have access to my blood sugar levels transmitted to my insulin pump from by glucose tester and my insurance company does not. don’t think the insurance company would access.

      1.  Insurance companies have all the info they want whenever they want.  Somewhere in all the fine print in your policy and the stuff you sign at the docs is permission for them to have full and unfettered access to your medical data any time they want it.

    3. Of course there could be expensive technological solutions..for patients to access their personal data, with privacy controls.

      I will code it for you and give it to you for free.  It will take about two weeks after I get the design docs.

    4.  This is a false dichotomy:  It’s not “if not “a” then it must be “b””  There’s many an easy way to “permit” the person whose heart is in question to access the data without broadcasting to all and sundry and I’ll bet the manufacturers are far less clever about how they protect the data then they think in any event.

  2. It’s a similar problem with CPAP machines, if I remember. I had a patient that wanted to get he source code for his machine, and he wasn’t allowed to have it. He wanted the code so he could tweak the machine’s rhythms according to his doc’s recommendation without paying an arm and a leg at the specialist just to switch the program to the new algorithm. 

    1. the job creators took great care in creating that job! And there you go destroying a perfectly good job with your hobby. :P

    2. This is true, however some folks have “liberated” the software so folks like me can use it illegally to treat themselves. I literally have titrated my pressure to the correct settings. This is probably why Sleep Apnea has a HUGE failure rate, as most people have no place to go to understand and the Dr.s have about 5 minutes to say things like: “We’ll up your pressure and see how it goes for the next month” when you need help Tonight as you have a big report/issue at work. I lost my job partially due to my sleep apnea, until I figured out how to get it under control (which is a daily/weekly struggle even after 2 years). My PCP understands about 10% of what I do about Sleep Apnea (I could train him!). The Dr.s at the Hospital sleep center just told me (after complaining) to raise my pressure myself.

      PS: You don’t need software to tweak the machines, just the correct combination of buttons to press on the machine (at least the better ones).

  3. I too have an AICD.  I think the issue isn’t so much HIPAA privacy regulations or anything of the sort.  The manufacturer sells very expensive proprietary devices to cardiologist to collect such information.  If it were so open then they would lose the market segment on the machines that read the info.  There likely is not much incentive to spend the money necessary to get FDA approval to allow someone to log in and collect limited data.

    1.  And once somebody hacks this, there’s at least a 50% chance that they’ll try and claim a copyright in the data produced by the machine, despite a complete lack of creativity.

      1. They could go another route for the IP protection – bind everyone into a trade secret nondisclosure.

        Were we still a functioning society, such a contract would be voidable on the public interest grounds alone, much less overreaching.


    2. I don’t normally share the average Boing Boing readers anti-corporate cynicism, but I have to admit there may something to do that. I was in a meeting at my own company just the other day that was about ‘MOSA’ design (modular open systems approach) in which we did have a couple people ask, “but if we make our systems inter-operable with our competitors, don’t we lose our advantage?”. Nevermind our customers are begging for this feature.

  4. Isn’t there also the concern that the same methods to get the information out of the device could allow someone to hack it? A criminal could kill someone at a distance if they had the right tools. Yea, it’s not instantaneous but the guy should be able to get the information via his doctor.

    1.  ,,, what? Since others are already getting data out of the device, the loophole would already exist. How would adding one more person to the list of allowed parties make this more likely?

        1.  I’m just imagining someone will eventually, someday, figure out the difference between “read” and “modify”. -__-

          (Hint: Assuming they only have read access, the appropriate number to imagine is “nobody”)

  5. Dear healthcare profit generating unit,

    The answer to your question is simple:



    The Medical Industrial Complex

  6. Hmm. You know, I’m sure someone could figure out how to get access to the thing, there’s a whole internet full of clever people out there, but somehow, I think they’re likely to be somewhat more wary about tackling pacemakers than they are about smart phones. Yikes.

  7. One problem with patients accessing raw data is that they may misinterpret it. I am a clinical psychologist working in health care and have seen some bad outcomes when health anxious patients read test results and interpret these in a catastrophic way. For example, many people have disc prolapses, disc degeneration, etc in their spines, which are normally benign features of aging, but when a patient reads about them without a doctor to explain this, they often reduce their activity/exercise/avoid bending, etc, for fear of causing themselves harm. I imagine the same could happen with heart patients. They might interpret a non-significant aberration as dangerous and may then avoid exercise for fear of triggering a heart attack

    . As Sam1148 said, you can access the data from your doctor. My neuropsychologist supervisor had a great phrase regarding providing reports to patients – “no information without explanation”.

    1. Exactly right.  The problem is that you can’t half-open the device; either nobody can read it or all patients can.

      And due to a lot of well-documented factors, a significant and unpredictable portion of patients (especially anxious or depressed patients) can and will be medically harmed by having live data.  (The human brain, sadly, does not always deal well with stress situations.)

      1. The problem is that you can’t half-open the device; either nobody can read it or all patients can.

        What a complete load of bollocks.  Ignorance of technology is not a valid excuse for opposing education and cheerleading the purposeful withholding of information.

    2. And flip side, I, as a chiropractor, have patients who, having very little information about their clinical condition, only told they have arthritis, or disc degeneration or similar, also shut down.  The more of an unknown black box it is, the scarier.  Typically they have access to copies of films, though having the images on a cd are more common.  Much less common are the reports that interpret these. I will go through and help explain in layman’s terms (depending on the level of patient’s comprehension), what this means, and implications.  Always ending with “What questions do you have?”  (“Do you have an questions is too often answered with a simple “no”)  I will talk specifically with them about exercise, and how, with very few exceptions, exercise is not contraindicated, but is typically associated with better outcomes for arthritis and better quality of life, and frankly a longer life.  I am often told that I am the first to do this, even if they’ve seen their primary, an orthopedist and a PT.  Some (of each of those kind of those providers) are very good about it, many are not.  PT’s are usually good about it, but some aren’t.
      I’ve also had patients told to stop exercising (!) by primaries and orthopedists (once, by a massage therapist (!!!), with no instructions how to restart exercise.  Some patients who stop exercise never go back to it.  Implanting a pacemaker is a big deal, HCM is a big deal, and exercise, but not too much exercise is an enormously important exercise intervention for these patients.  Like a lot of surgeries, no reason they couldn’t afterwords work with a qualified PT with some training in exercise physiology, have them consult with the patient about and during an exercise and let them see the data. 
      If they want the data, make them train with a PT, have them sign a waiver, give them the data. 

      Some cardiologist should hook up with an exercise physiologist, do a study showing that this is a benefit, and shame the companies into making the data available. 

    3.  Came here to say this. I’m a medical librarian, and every now and then someone wanders into my library who has no clinical background whatsoever and is looking for clinical research on a particular topic. And then they want it explained to them. In my case, I can usually get out of that situation by throwing up my hands and saying, “Look, I didn’t go to medical or nursing school myself, and I know just enough about it to know that you need years of education and practical experience to interpret some of that stuff and put it in context.” (Then, of course, you run the risk of them saying that you wouldn’t help them–not couldn’t, wouldn’t–but it’s an honest answer.)

      The problem comes when someone gets hold of their doctor and wants their doctor to provide that context, and won’t accept that the doctor doesn’t have the time to regurgitate and dumb down the benefits of four years of undergraduate education, four years of medical school, and a residency of up to several years in order to put every little tick and bump in their charts in perspective. That is not to say that patients shouldn’t be educated about their conditions and options for treatment–in fact, educating clinicians about their patient education options is part of what I do–but there have to be reasonable limits beyond which you have to trust your care provider, or find someone who’s trustworthy, or examine your reasons for trying to become your own doctor and ask yourself if your desire for control over your own body is unrealistic.

      All of that having been said, I believe that people should have access to all of their personal medical information if they want it, and also to any and all clinical research that they want. If Hugh Campos is such a clever dick that he thinks that he can hack his ICD, then he should have access to do so. If he wants a book on interpreting EKGs, I can set him up with that. But he then should assume complete and unqualified responsibility for what happens if he screws it up and ends up in the emergency room or worse.

      1. Gee, from what I’ve seen, the only doctors who “can’t dumb down” what they’ve learned, are the doctors who don’t have a very good handle on it themselves.  A good doc can always give a patient some level of understanding of their condition.  It may take some pretty simple analogies to get it across, but it’s enough to do the trick.  And in many cases patients are quite willing to study a lot of material about their illness in order to make informed decisions. 
        For example, I give you Xeni Jardin.  Should she be allowed to see her raw data?  I think so.

        1.  You’re not paying very close attention to what I’m saying, which is not that different from what you assert above.

          1.  Perhaps, but you do seem to be saying two diametrically opposed things at the same time.  You say you want the patient to have full access to all information, but you also suggest that the desire to have control of your own body is unrealistic.  Given the number of people whose health or lives are saved by second opinions, I think a good healthy skepticism for authority is as important in the medical field as it is in government. 

    4. Respectfully, neither you nor my physician is my nanny or legal guardian and to decide that because some people cannot handle it, no one shall access it is simply authoritarianism and a lingering vestige of “You are the patient, you will do as told, you have no need to know anything about what is being done to you or prescribed for you” that once dominated medicine.

      1. No, not your nanny.  But it only takes one dumbass to misuse the data and harm themselves to kick off a lawsuit.  So the manufacture weighs making zero extra money versus a shitload of extra liability and naturally decides, “Duh! You don’t get the data!”

        And yes, I make medical devices.  And yes, we make these sorts of decisions.  We go to extremes to minimize risk because it’s the right thing to do and good business.

        1. If you are so timid that you can’t stand the possibility of any risk, perhaps you need to find another profession rather than making life decisions for patients without their consent.   Seriously.  I’d be dead right now if I didn’t fight people like you tooth and nail.

  8. Someone will mess with the pacemaker/Defibrillator
    eventually their will be one that malfunctions, or does what the owner tells it to do, which will be harmful to the patients health.
    they will sue
       sue the MD
     sue the hospital
    sue the manufacturer

    If someone dies – their relative will sue asking for more strict access

    That’s why patients aren’t allowed to access their pacer.

  9.  One problem with patients accessing raw data is that they may misinterpret it. I am a clinical psychologist working in health care and have seen some bad outcomes when health anxious patients read test results and interpret these in a catastrophic way. For example, many people have disc prolapses, disc degeneration, etc in their spines, which are normally benign features of aging, but when a patient reads about them without a doctor to explain this, they often reduce their activity/exercise/avoid bending, etc, for fear of causing themselves harm. I imagine the same could happen with heart patients. They might interpret a non-significant aberration as dangerous and may then avoid exercise for fear of triggering a heart attack

    1. It wasn’t that long ago that a patient at an Omaha hospital was given an HIV test result without sufficient explanation.  He immediately went into a rest room at the hospital and shot himself.  This is not a theoretical risk.

      1. Hopelessness is also correlated with suicide.  Giving patients more control over their condition could combat this. 

      2. Surely any good medical facility would offer both the data and the context.  Perhaps this one did.  The suicide may have been the result of other beliefs held by the patient.  HIV was, and is, a carrier of much additional social baggage, dating back, at least, to Reagan’s callous view that it was a punishment from his vengeful god.

        There is a risk associated with most data and diagnoses.  That doesn’t remove the right of patient to the information regarding their condition and treatment. 

      3. If we strap you to a wall with duct tape, you will never be able to shoot yourself.   If we never teach you or tell you anything, you will never know how to use a gun.  Is prior restraint a valid argument?  Should global sterilization be mandated, so that nobody will be born with the capacity to commit suicide?  Where do you draw the line when you start saying it’s OK to take action “for someone’s own good”?  Is preventing suicide a morally defensible goal, or is the decision to end one’s own life a human right?

    2. So, it’s your position that patients should be kept in the dark as to the effectiveness of their treatment because without proper interpretation about results they may harm themselves.
      It seems to me that the real problem is proper interpretation not having access to results.
      Under current HIPPA law, patients have a right to see their complete medical record yet there is this pesky little exception to that rule whereby a doctor can withhold information if they feel it may endanger the patient.
      Yet medical professionals everywhere bemoan patients who do not trust their doctors, choose not to get vaccines, and rely on holistic medicine. Do you think that perhaps withholding information from a patient about their condition may cause greater net harm than actually taking the time to show and explain test result a patient asks about? Or, are you just too busy to provide that level of care to those who employ you as their medical provider?

      1. I would say that the standard for a good physician is that he or she gives the patient a level of information proportional to the intelligence of their questions. On the other end of the equation, some doctors bombard their very uninformed patients with technical information that they can’t possibly understand or digest.

  10. Because you’re not a doctor! FFS
    You Americans are impossible. You could turn anything, the dumbest pretext into “fight for one’s rights”. You don’t even understand the meaning of words “rights”, “equality”, etc.

  11. Am working with a telemedicine doctor on a video conferencing app. Right now the video session is discarded due to lawyers. It appears that more data enables more lawsuits.

    1. You know, that might be a fundamental truth.  If lawsuits are a parasitic ecosystem grazing on data — as they appear to be — then more data inevitably means more lawsuits.  We’re already seeing automation of bottom-feeding pseudo-legal stuff (Youtube etc content bots).  I wonder if there’s anything useful that can be gleaned from this..?

  12. I have an ICD as well, and real-time access to the data would be nice so that I can actually, I don’t know, answer my doctor’s questions during my checkups.  They usually end up sounding like a (fairly innocent) police interrogation:

    “You had a minor arythmia on June 5th around 6pm, what happened?”

    “I have no clue doc, since I didn’t feel it and that was 3 1/2 months ago.”

    “Well did you forget to take your beta blocker that day?”

    “How would I know? It was 3 months ago and I never noticed a problem.  Maybe.  Or maybe my 2 year old decided it was time to headbutt daddy in the chest again.”

    And yea, all of the privacy/access issues could be fairly easily resolved with well known cryptographic protocols.  Then again, considering I’ve also gotten the equivalent of a recall notice on my pacemaker in the past due to a software flaw that would have prevented it from working in certain situations, maybe adding complexity isn’t a good idea.

    On the other hand, I can also see having access to the data or code leading to problems.  The guy in the article might be a smart, sane individual who isn’t going to do anything rash if given full access to his device.  Some other twit may decide that he knows better than the doctors  and tweak the voltage on his pacing, cause it to pace at 120bpm, or do other uncomfortable shit that I usually endure during my checkup in a controlled environment surrounded by professionals. Other posters here have mentioned what can go wrong simply having access to the data. There’s plenty of (incorrect) self-diagnosis going on already, and this would only encourage it in a subset of ICD patients.

    1. “Some other twit may decide that he knows better than the doctors and tweak the voltage…”

      Sounds like a good filter for the gene pool.

        1. Are you sure? That’s quite a stretch from saying “Do no harm” to adding “…and prevent self harm”.

    2. It would be cool if the device would randomly ask you health questions via your smart phone or through email. That way when an abnormal reading popped up and a question arrived from it concerning what’s going on, you wouldn’t be alarmed. The doctor could then have a great set of metrics to figure out what you’re doing to help/hurt yourself. Was that weird reading due to forgetting to take your drugs at the right time, was it due to chasing down your kid who’s about to run in front of a car, or what?

      The questioning could also get the patient to become more vigilant about their health issues too.

  13. If someone wants to monitor their heart rate 24/7, I’m sure there are external devices that can record and provide a read-out, e.g. a heart-rate monitoring watch or bracelet, that could provide the same information without interfering with an implanted pacemaker.

    I think that hacking a pacemaker is a bit of a liability. If you get something wrong you could kill the person wearing the implant. I think it’s one of the least important things to be able to hack. You’d have to release the manufacturer and the doctors from any liability if a change you make later responds unexpectedly when your doctor interacts with the device. It’s also a double standard; you’d expect a rigorous testing procedure for something someone else implants into you, but a hacker typically doesn’t have the resources to test in as much detail. (e.g. study hundreds of implants over multiple years) The risk/benefit is askew here. Just get a super-duper Casio watch with heart-rate monitoring and be done with it.

    1. If you were in the hospital for a heart attack, you’d be happy to see a super-duper casio by your bedside?  Considering they’d already surgically implanted a monitor in your chest? 
      Implanted inside gives more data, less of an issue of conductance through skin, immediate interpretation of when the pacemaker fired, rather than having to rely on a second device to tell you what your pacemaker is seeing and doing.  Look at what a EKG device is, see if you think you’d be comfortable wearing it 24/7 for a week, let alone for the rest of your life.  Would you want to wear it in the shower, during swimming, dancing and during sex?  All imporant events from a cardiovascular point of view. 

      “Hacking” is too vague a term. The data only goes one way.  You’re not going to come across a big internet button that says don’t press this, accidentally press it and shut off your heart.  It’s just looking at the data real time. 

  14. I’m thinking it’s a violation of HIPAA to deny a patient access to his/her own PHI (Personal Health Information or Protected Health Information).

  15. Cheap (<100$) heart monitors are available to the general public.  More expensive ones (Holter monitors and the like) are also available.  They are available over the counter, by mail order, without a waiver.  The argument that's bed made about litigation would apply to these, and yet they're widely avaible.  If these are avaible, no reason the data from the one implanted in the chest with better data shouldn't also be made available. 

    1.  Ever wear a Holter monitor?  I have.  It sucks.  They pull at the hair and skin on your chest, and the gel contacts slide over time and it hurts to move them back. Not a reasonable alternative.

      1. That was my point, that they and their data was freely available with apparently no litigiation issues, but that the superior data of the implant wasn’t.  Yes, wore one, not suggesting it’s in any way a reasonable alternative. 

  16. I was visiting my grandfather-in-law just yesterday, and he has one of these devices implanted. His health is failing and he’ll be going on hospice care today. One of the things they’ll be doing is to turn off the device, so that he doesn’t get any of the painful shocks if he has an arrhythmia. I asked him if he was going to need surgery for that and he said, “oh, no- they just have a little computer gizmo they use to turn it off remotely.” If they were to publish and support read only access to these devices for any consumer (or insurance company or whatever) that would raise the possibility that someone would figure out how to write to the device. Yes, security through obscurity is a pretty poor failsafe- but the potential downsides for abuse of a technology like this seem too high to me for the upside to really be worth it.

    1. True.  Or they could just hold a pillow over his face.

      If someone wants to kill you, they don’t need to hack your pacer to do it.

        1.  I’m not sure about that.  Which is scarier, a guy approaching your hospital bed with a laptop, or a pillow?  If I had to choose between the two, I thing I’d take cardiac arrest over suffocation, but maybe that’s just me.  How about you?

          1. Not sure, got to thinking about the use of pillow fights in film and got all distracted. What were we talking about?

  17. Former ICU nurse here.  An implantable defibrillator is not a pacemaker.  Different devices, designed to solve different problems.

    I imagine John Brooks has it right, and the manufacturer would like to sell the data on the ICD.  I wrote software for a railroad a few years back, and they had to constantly struggle with locomotive manufacturers to get readable data off the on-board computer, because the locomotive makers wanted to sell the railroad expensive data services.

  18. I can’t wait until someone integrates WebMD with their open-source pacemaker. Hypochondriacs of the world unite? 

  19. Just wanted to add a comment that I did not see mentioned… 

    (Disclaimer: I am a supporter of Hugo and hope he is successful in accessing his own data.)

    From the device company perspective, there is a large medical liability issue that comes from allowing patient’s to retrieve data generated by the device…

    (prepare yourself to enter a ‘semantics zone”)

    AICDs and Pacemakers are FDA approved for “delivery of therapy” (e.g. pacing or giving shocks) not as data gathering tools. The data generated by measuring physiologic parameters is only supposed to tell the machine what to do.

    Now, many experienced Cardiologists use AICDs and PMs “off label” to gather physiologic data and to guide therapy, but this is not their expressed purpose. (In fact, some companies market data gathering features such as OptiVol or pulmonary impedance testing to guide heart failure therapy.)

    Personally, I think this is the realm of word games… but this is the often cited reason that device companies don’t provide readily accessible ways to extract data from devices.

  20. On a side note, a friend triggered his implant when he was starting a chainsaw on a wet lawn.  A little stray electricity from the plug wire must have fooled the device and it gave him the full jolt.  He woke up on his back feeling like he’d been kicked in the chest by a mule.  At least he knows it’s on the job.

  21. I tried to get some data from a sleep study once.  They will gladly print you a copy of the graph and the overall statistics but they looked at me like I was from another planet when I asked for access to the raw data they recorded.   This was pretty interesting stuff like eeg, ecg, body motion, pulse, eye movement etc.  Its also probably is relatively easy to dump from the software into a xls/csv file.  The buracracy however is just too much to deal with.  

    1. On the other hand, I’ve had pretty good luck getting x-ray films released to me, which they don’t want to do by default either. I had to sign like fiver pieces of paper but that was it.

  22. Medical devices are encumbered by all sorts of regulations, and maybe there’s some liability I’m not seeing. I can’t imagine people would be hurt by read-only access to their data, though, especially if they are made to sign a waiver. I remember participating in psych experiments in college where basically I had to sign a waiver that there was a risk that I might be faced with (paraphrasing) uncomfortable insights into my personality, and if I got too broken up about that it would be my own fault.

Comments are closed.