Gair, Gair, Conason, Rubinowitz, Bloom, Hershenhorn, Steigman & Mackauf is a New York Plaintiff's personal injury law firm specializing in automobile accidents, construction accidents, medical malpractice, products liability, police misconduct and all types of New York personal injury litigation.

Articles Tagged with medical malpractice

Published on:

cyber attack can arm patientsHospitals are one of the favorite targets of ransomware hackers because hospitals simply can’t afford to have their IT down as it can cause severe harm or even death to patients. As a result when a hospital  has its systems blocked by hackers it might be more willing to pay a ransom than any other type of organization in order to get their systems working again.

Recently, a debt collection company working with 657 healthcare providers announced that it had been the victim of a cyber attack. Hackers were able to obtain patients information including their name, address, social security number and medical information. It is unclear so far how many patients have been affected but this might have been of of the largest healthcare data breach of 2022.

CISA warns hospitals and healthcare providers of Maui ransomware

Published on:

Medical Malpractice Lawyer Ben RubinowitzOur Managing Partner, Ben Rubinowitz,  has been invited to speak at the American Urologic Association’s annual meeting in New Orleans this Friday. 

This is one of the largest medical conferences in the world and is attended by more than 25,000 Urologists.

Due to the successful results our firm has had in medical malpractice cases, Ben has been asked to share his knowledge with treating urologists.

Published on:

hospital patientEvery year the ECRI institute releases a list of top main concerns that may lead to patient harm and medical malpractice. While cybersecurity was one of the main concerns in the previous years, the ongoing Covid 19 crisis put a lot of pressure on hospital staffing and “staffing shortages” is now at the top of the concerns  followed by worker’s mental health and racial disparity in treatments.

The pandemic emphasized concerns that were already latent in the American healthcare system but that have worsened during the pandemic:

  1. Staffing shortages: the registered nurses median age is 52 year old with 20% of them being older than 65 year old. Young nurses are needed but nursing schools are missing proper resources such as faculty, clinical sites, classroom spaces and budget. As a result 80,407 nursing school applicants were turned down in 2019.  In the coming years, staff shortages will be experienced at all levels of the healthcare system from nursing assistants to technicians such as laboratory technicians as well as critical care doctors, hospitalists, pharmacists and respiratory therapists.
Published on:

hospital patientMore than 150 models of medical devices manufactured by more than 100 manufacturers and equipped with PTC Axeda agent and Axeda Desktop Server  have dangerous cybersecurity vulnerabilities that could potentially harm patients. The Axeda agent and Axeda Desktop server  sold by PTC are  components allowing one or more people to view and operate the same remote desktop, through the Internet. However,  it was recently found that hard-coded credentials were used in these components making them particularly vulnerable to cyber attacks. Hard code credential  is a practice used by software developers in which authentication data such as password are embedded directly in the source code. This practice was identified 9 years ago as a significant cybersecurity threat and is considered outdated and dangerous. It is particularly concerning that medtech vendor PT  is still selling products using this technology, especially products providing remote support functionality which are among the most targeted by hackers.  Hard code credential vulnerabilities, if exploited, allow hackers to fully access the system, execute remote code, change the configuration, read or save changes directly to files and folders on the user’s device, access user’s login information and flood the targeted device or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. Designing medical devices containing such outdated and dangerous components is negligence that can cause injury or death to patients.

Defective medical devices with cybersecurity flaws are considered the number one health technology hazards in 2022 by the ECRI Institute. The FDA issued a cybersecurity alert and the Cybersecurity and Infrastructure Security Agency issued an advisory with a detailed description of the vulnerabilities,  recommendations to mitigate them and a list of the main manufacturers  using Axeda agent and Axeda Desktop servers in some of their products. Among them are Accuracy, Agilent, Bayer, BD, Elektra, GE, Roche Diagnostic, Smith Medical and Varian. These manufacturers have all released their own information in regards to affected products.

Read more in Medtech Dive

 

Published on:

OxyContinThe lawyers for Dr Xiulu Ruan and Dr Shakeel Kahn will argue tomorrow before the Supreme Court of the United States that the criminal standard that physicians faced is not applied consistently among the federal circuits. Dr Xiulu Ruan was one of the largest prescribers of quick-release fentanyl drugs in the US and he is serving a 21-year sentence in federal prison. Dr Shakeel Kahn is serving a 25-year sentence after running pill mills in Arizona and Wyoming.  Their lawyers want their convictions to be overturned but the probability that it occurs is extremely low. However what the lawyers want is that the Supreme Court define a uniform standard that would allows doctors to raise a “good faith” defense and as a result a jury would be able to consider if a doctor was using his or her best medical judgement.

For doctors and patients all over the country the case is not about judging if Ruan and Kahn were bad actors among doctors and committed medical malpractice  but about good doctors who are risking criminal investigation because of  a difficult decision they made.  When the opioids started to flood the market 20 years ago, excessive prescribing was common. In order to curb the actual opioid crisis, authorities have been investigating prescription habits intensively to the point that doctors are now scared to prescribe them to their patients even though they need them.  People coming out of surgeries are being left to unnecessarily suffer because hospitals have implemented drastic guidelines and long term chronic pain patients can’t find a doctor anymore and have to turn to the illegal market.  As prescriptions for opioids fell down, the opioid deaths hit a record high last year in the US with most deaths being related to illegally obtained opioids.  Recent studies indicate this is not a coincidence as long term patients that have been cut from their doctors find themselves in the emergency room because they were poisoned by illegal drugs or committed suicide (See New England Journal of Medicine).

A recent article in the New York Time discuss this difficult issue extensively.

 

 

 

Published on:

Infusion pumps are at risk of cyber attacks75% of infusion pumps used by hospitals and other healthcare providers are at risk of being compromised by hackers and as a result can cause harm to patients or expose sensitive data.

Infusion pumps are some of the most commonly used medical devices and some big hospitals are managing thousands of these devices. A recent study by Palo Alto Networks’ Unit 42, looked at 200,000 infusion pumps manufactured by 7 different companies and being used by multiple hospitals and healthcare organizations that are all using IOT Security to monitor their medical devices.

Researchers found that an alarming number of these devices were highly vulnerable to cyber attacks with 40 known security gaps identified among the devices. Additionnally, 70 types of alert messages received from  these devices through the IOT security network where identified as messages related to security issues.  Most vulnerabilities identified were leakage of sensitive information and unauthorized access causing the device to become unresponsive.

Published on:

Hospital PatientMost medical devices used by hospitals are legacy devices that are still operating on Windows 7 that Microsoft no longer supports.  Manufactured at a time when cybersecurity was not a preoccupation, these devices can now easily be hacked and potentially be dangerous to patients. As a result, on top of safeguarding traditional IT assets, hospitals now have to figure out a way to secure tens of thousands of legacy devices from hundreds of manufacturers connected to their network.  It is a real headache for most hospitals and healthcare organizations as many of them do not even keep an inventory of their medical devices. According to a recent study only 36% of healthcare organizations know where their medical devices are.

While some devices that can cause fatal injuries, such as insuline pumps or pacemakers, are being actively monitored and recalled by the FDA, it is estimated that all other medical devices have an average of more than 6 vulnerabilities per device and that 40% of devices used by hospitals are at the end-of-life stage and do not have security patches or upgrades available.

Not surprisingly, FDA regulations in this field are lagging with the agency only saying both hospitals and manufacturers are responsible for protecting devices from cyber attacks. Hospitals are pointing fingers at manufacturers for not providing the necessary support and want the FDA to mandate lifetime support of medical devices by manufacturers.  So far, the further the FDA went was to publish post-market guidance for medtechs on what they should do to secure their products. This is not enough as hospitals find themselves dealing with thousands of devices that they are supposed not only to track but also patch to prevent cyberattacks. With the ongoing Covid19 crisis, hospitals are unable to handle this task and as a result they become increasingly vulnerable to cyberattacks that could injure or kill patients.

Published on:

Medical maplpractice attorney Ben RubinowitzThis past Saturday our managing partner Ben Rubinowitz lectured to urologists at the Societies for Pediatric Urology SPU2021 Pediatric Urology Fall Congress held in Miami, Florida.

Ben presented a dynamic talk as to the pitfalls of inadequate care and the resultant harm that comes to patients when doctors fail  to provide appropriate treatment. To reinforce his points, Ben cross examined doctors with regard to medical malpractice.  Ben’s talk and demonstration focused on testicular torsion cases and circumcision cases gone wrong. “I consider it an honor to be invited to speak at both the Mayo Clinic and at the Pediatric Urology Fall Congress,” said Ben Rubinowitz.  “ If we can prevent patients from being harmed we have all done something good — remember, we are all in this together — and no patient needs to suffer an injury that could have been prevented.”

For more than 25 years Ben has shared his expertise with physicians throughout the country.  This  program was attended by more than 300 urologists from across the country.

Published on:

FDA-logoAfter a recent study pointed fingers at the mismanagement of medical device recall by the FDA (see previous blog),  further investigations are confirming an outdated and broken system that leaves patients at risk of serious injury and death as unaware doctors continue to use defective devices on their patients.

A recent example of this outdated process is the recall of a sleep apnea ventilator device manufactured by Philips. It is not clear so far as to when exactly, Philips executives found out that the foam used to dampen the noise of the machine was breaking down and could potentially be inhaled or ingested by patients, exposing them to carcinogenic or toxic effects. However, the company announced publicly, on April 26th, while reporting Q1 earnings that it was creating a provision of 250 million Euros to cover costs related to possible risks to users in some sleep and respiratory care machines. While the company had probably already identified that the defective devices were the ones manufactured between April 2007 and April 2021, it waited almost two other months to initiate a recall and warn consumers of potential carcinogenic and toxic effects.  After the issuance of the recall, the FDA issued a safety communication on June 30. It took until July 22nd for the FDA to classify the recall as class I event and publish a public notification.

Does this mean that all patients have been contacted and had their ventilator changed? Not at all. In the actual process, the customers of the manufacturer, such as the hospitals, the providers, the retailers or the distributors are in charged of contacting the patients and they usually don’t do it.  Instead, doctors wait for the patients to come in with symptoms.

Published on:

FDA-logoMany defective medical devices might still be used by medical professionals because deaths that occurred when using these devices are being mislabeled as injuries in the FDA Medical Database according to a study published last week in JAMA Network. The study looked at 290,141 reports of defective medical devices that resulted in serious injuries or deaths that were processed by an algorithm. They found that 52% were classified as deaths and 47.9% were classified by the algorithm as malfunction, injury, other or missing. Among these 47.9% that were not classified as death, 23% of these reports were indeed death reports that were not classified proprely by the algorithm. As a result many deadly devices might still be used on patients.  The FDA must review all reports classified as death but does not routinely review all reports that are classified as other or misfunction.

The most dangerous of all medical devices were the ventricular assist bypass devices. These devices represented 13% of all adverse event reports. Coming in second position was the dialysate concentrate for hemodialysis in liquid or in powder with 8.7% of all adverse event reports. The third most reported defective devices were the transcervical contraceptive tubal occlusion devices with 5% of all adverse reports.

The authors of the study also mention that 95% of the adverse event reports were made by manufacturers and not by healthcare facilities or physicians which might constitute a conflict of interest. The authors note that delays in reporting serious injuries or deaths were common. An example of this issue was the Essure permanent birth control device. 32,000 women reported issues with this device between 2002 and 2013 while the FDA only received 1,023 reports.