Defibrillators use electrical shocks to restore a normal heart beat when they detect arrhythmia or other abnormalities. In the past couple years, more than 100,000 patients in the U.S. alone have been implanted with newer devices that reduce medical visits by sending information on a patient to a bedside monitor that then sends the data to a doctor, usually once a day. In the model researchers studied, transmissions from the defibrillator to the bedside monitor are not encrypted, which means that someone intercepting the transmissions could retrieve such data as the patient's birth date, medical ID number and, in some cases, Social Security number. As the technology spreads to more medical devices, including pacemakers, spinal cord stimulators and hearing implants - and as the range of the devices' radio signals increase - the researchers predict patients' data will face increasing risks.

The need for data encryption in future devices is urgent, as the current devices would need a hacker to touch the patient to get the information needed. Future versions capable of transmitting signals as far as 30 feet from a patient will incorporate stronger security.

Source