Safety Alert for Merlin@home Transmitter

According to Department of Health, this safety alert involved a device in Hong Kong that was produced by St.

What is this?

Alerts provide important information and recommendations about products. Even though an alert has been issued, it does not necessarily mean a product is considered to be unsafe. Safety Alerts, addressed to health workers and users, may include recalls. They can be written by manufacturers, but also by health officials.

Learn more about the data here
  • Type of Event
    Safety alert
  • Date
  • Event Date Posted
  • Event Country
  • Event Source
  • Event Source URL
  • Notes / Alerts
    Hong Kong data is current through September 2018. All of the data comes from the Department of Health (Hong Kong), except for the categories Manufacturer Parent Company and Product Classification.
    The Parent Company and the Product Classification were added by ICIJ.
    The parent company information is based on 2017 public records. The device classification information comes from FDA’s Product Classification by Review Panel, based on matches of data from the U.S. and Hong Kong.
  • Extra notes in the data
    Medical Device Safety Alert
  • Reason
    Medical device safety alert: st. jude medical merlin@home transmitter the united states food and drug administration (fda) has issued a medical device safety alert concerning merlin@home transmitter, manufactured by st. jude medical. the fda is providing information and recommendations regarding st. jude medical's radio frequency (rf)-enabled implantable cardiac devices and merlin@home transmitter to reduce the risk of patient harm due to cybersecurity vulnerabilities. many medical devices—including st. jude medical's implantable cardiac devices—contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits. as medical devices become increasingly interconnected via the internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates. to improve patient safety, the manufacturer has developed and validated a software patch for the merlin@home transmitter that addresses and reduces the risk of specific cybersecurity vulnerabilities. the fda has reviewed st. jude medical's software patch to ensure that it addresses the greatest risks posed by these cybersecurity vulnerabilities, and reduces the risk of exploitation and subsequent patient harm. the fda conducted an assessment of the benefits and risks of using the merlin@home transmitter, and has determined that the health benefits to patients from continued use of the device outweigh the cybersecurity risks. the fda urges health care providers to: continue to conduct in-office follow-up, per normal routine, with patients who have an implantable cardiac device that is monitored using the merlin@home transmitter. remind patients to keep their merlin@home transmitter connected as this will ensure that patients' devices receive the necessary patches and updates. the fda urges patients and caregivers to: follow the labeling instructions provided with their merlin@home transmitter. keeping their monitor connected as directed will ensure their monitor receives necessary updates and patches. keep in mind that although all connected medical devices, including this one, carry certain risks, the fda has determined that the benefits to patients from continued use of the device outweigh the risks. seek immediate medical attention if they have symptoms of lightheadedness, dizziness, loss of consciousness, chest pain, or severe shortness of breath. for details, please refer to the fda websites: http://www.Fda.Gov/safety/medwatch/safetyinformation/safetyalertsforhumanmedicalproducts/ucm535979.Htm http://www.Fda.Gov/medicaldevices/safety/alertsandnotices/ucm535843.Htm if you are in possession of the affected products, please contact your supplier for necessary actions. posted on 10 january 2017.


  • Model / Serial
  • Product Description
    Medical Device Safety Alert: St. Jude Medical Merlin@home Transmitter
  • Manufacturer


  • Manufacturer Parent Company (2017)
  • Manufacturer comment
    “We are in constant communication with regulatory agencies and competent authorities worldwide which allows us to implement global recalls or in-country communication quickly and effectively,” Abbott, which now owns St. Jude Medical told ICIJ in a statement. In addition to sending global notices to physicians worldwide, we also make sure that product advisories are available online and classification of product recalls and product advisories are determined by global regulatory bodies which can impact the timing in any given country. MD companies follow varying regulations in different countries. In come countries software is not regulated so a recall in one country related to software would not be classified as a recall or field action in another. In addition, review cycles within the regulatory process can be different in each country which can impact communication and recall timing.
  • Source