Medtronic's 20-year-old PB840 ventilators are workhorses, but the company has used DRM to prevent repairs by third parties. Controlling repair gives medtechs monopolist two benefits:
1. They can charge higher-than-market rates for repairs and extract "certification fees"; and
2. They can declare some units irreparable, forcing customers to junk and replace them.
The DRM Medtronic uses means that even if you swap a working monitor from a ventilator with a broken breathing unit to a ventilator with a broken monitor and a working breathing unit, the system will refuse to operate.
But a Polish hacker offers an unlock-code-generation library that appears to come from Medtronic itself: "The Polish hacker told Motherboard that technicians will take a manufacturer’s repair class in the United States, get the required software, then share it widely."
This library is given to independent repair technicians in the USA embeded in handmade, homebrew dongles housed in old clock cases. One medtech cited by Jason Koebler says he's fixed at least 70 ventilators with his dongle.
"This is a copy of a proprietary tool. It doesn’t take rocket science to put these things back together. The weak point of these companies’ supply chains is other countries, so through our friends in other countries we’re able to get this stuff."
Newer ventilators require internet-based activations following repairs, with technicians paying $10k-15k/year to access the manufacturers' servers.
This follows from a steady rampup of high-cost "certifications" for hospital technicians, without which they were denied access to parts and manuals. Hospitals can't repair the equipment they own - and rely on to save our lives - unless they shell out for expensive programs.
Note that paying for these programs doesn't change who fixes the gear or how they fix it. In either case, the hospital's own repair staff do the work, following the service manuals.
The only difference is that "authorized" repairs generate payments to manufacturers.
"For a lot of vendors, you have to get recertified every other year to keep working on their equipment. I had a biomedical technician who lost their certification during the middle of the pandemic [because it lapsed]" -tech manager for 14 hospitals in covid-hit state.
"We called the mfgr and they wouldn't give us the info to service their ventilators. Eventually we get on a call and say 'this is ludicrous, this person has been working on these ventilators for 12 years. Release the service key so I can get patients back on ventilators."
Medtech monopolists claim they'd be held liable if an uncertified repair harmed a patient. They're wrong.
From that hospital tech manager: "we own the risk if equipment fails and someone sues. Never have I heard of the maker of the equipment is named in a lawsuit."
"Third-party repair professionals provide high quality, safe, and effective servicing of medical devices." -US Food and Drug Administration, 2018.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!