Attorney General James Uthmeier has initiated legal proceedings against Contec, a Chinese manufacturer of medical devices, due to potential cybersecurity risks and alleged violations of Florida's Deceptive and Unfair Trade Practices Act. The company, which has been operating in the United States for over ten years, is accused of concealing significant security issues within its patient monitors.
"Medical devices that record patient data must be secure and should not send data to entities controlled by the Chinese Communist Party," stated Attorney General James Uthmeier. "Protecting Americans’ sensitive, personal data from our enemies is paramount, and my office will get to the bottom of this deception."
Concerns have arisen over a built-in "backdoor" that could enable unauthorized manipulation of data displayed on these devices without the knowledge of patients or healthcare providers. Additionally, there are claims that these devices automatically transmit patient information to an IP address associated with a university in China. These issues are particularly troubling given previous warnings from the FBI about hackers targeting American healthcare systems. Federal agencies have advised disconnecting or disabling such monitors.
Contec operates an American branch in Illinois and sells its products through companies like Epsimed, a Miami-based reseller that rebrands and markets these monitors under its own name.
Allegations suggest that Contec misrepresented its monitors as FDA-approved despite their lack of approval. Similarly, Epsimed claimed compliance with international standards like FDA, CE, and ISO even though serious cybersecurity vulnerabilities were present. Both companies allegedly failed to disclose critical security flaws in their products.
The action taken by Attorney General Uthmeier under FDUTPA against Contec and Epsimed may result in seeking damages, civil penalties, and injunctive relief aimed at safeguarding consumers moving forward.