CYBERSECURITY NOTICE - LEGACY EXCHANGE PROGRAM
(US ONLY)

This is a temporary program designed to give our customers the option to exchange or upgrade their current legacy device.

Urgent Field Safety Notification
MiniMed™ 508 Insulin Pump and MiniMed™ Paradigm™ Series Insulin Pumps Cybersecurity Concerns

Program Terms

  1. This program is available until December 31, 2019 and is related to the Urgent Field Safety Notification from Medtronic. Customers may submit their request until December 31, 2019. Shipments may be received after this date.
  1. Eligibility - To be eligible to participate in the program:
    • You must be using a device that is impacted by the cybersecurity concerns outline in the Urgent Field Safety Notification; and
    • You are currently using the device. Current use means you have ordered supplies related to an affected pump in the last six (6) months.
  1. A prescription will be required in order to receive your new insulin pump. Please consult with your healthcare provider.
  1. Your insurance must offer coverage for your new insulin pump ongoing supplies to be eligible for the oer. We will help you verify with your insurance provider that you have coverage for your ongoing supplies.
  • *Other program terms may apply

If you are interested in in discussing your options but you are not sure if you are in warranty, submit your request and we will confrm your warranty status when we reach out to you to discuss your alternatives.

OUT-OF-WARRANTY customer options:

Option 1. Upgrade purchase through your current insurance provider for a new insulin pump with a full 4-year warranty.

  • Training and onboarding support will be provided by Medtronic.
  • Out of pocket costs and deductible may apply based on insurance coverage.

Option 2. Exchange your current insulin pump for a refurb MiniMed™ 670G insulin pump with an upfront fee of $399.

  • NO warranty will be provided.
  • Training and onboarding support will be provided by Medtronic.
  • The $399 is a discounted price for eligible customers which includes training and onboarding support for your new insulin pump transition. $399 is a non-negotiable fee.
  • The $399 fee is for a pump exchange and does not include the Continuous Glucose Monitor (CGM) system.

IMPORTANT NOTES:

  • Customers who wish to participate in this program will need to return their current insulin pump within 60 days.
  • Customers who do not return their current insulin pump will be charged $3,200.
  • Type 2 customers may be eligible for a MiniMed™ 630G insulin pump product exchange.

By clicking this button, I am acknowledging that I have read and understood the Cybersecurity Program Options and Out of Warranty terms outlined above.

SUBMIT YOUR EXCHANGE REQUEST FORM

IN-WARRANTY CUSTOMER:

Exchange current pump for the MiniMed™ 670G insulin pump

  • Customers with a warranty remaining on their current pump are eligible for an In-Warranty Exchange.
  • Customers who are in warranty and eligible for this program can exchange their insulin pump at no cost with the return of their current pump.
  • The warranty remaining on the current insulin pump will automatically carry over to the new insulin pump.
  • Training and onboarding support will be provided by Medtronic.

IMPORTANT NOTES:

  • Customers who wish to participate in this program will need to return their current insulin pump within 60 days.
  • Customers who do not return their current insulin pump will be charged $3,200.
  • Type 2 customers may be eligible for a MiniMed™ 630G insulin pump product exchange.

CUSTOMERS USING A CGM TRANSMITTER WITH THEIR CURRENT PUMP:

Customers with an In-warranty CGM transmitter:

  • We will exchange your transmitter and swap out your last order of sensors. Your remaining CGM transmitter warranty will carry over to the new CGM transmitter at no cost. You will be required to return your current transmitter and last sensor order.

Customers with an Out-of-warranty CGM transmitter:

  • If your CGM is out of warranty you may purchase a new CGM Transmitter and sensors separately.

If you have additional questions regarding the Program contact us:
Monday – Friday, 8AM to 6PM Central at (866) 222-2584.

By clicking this button, I am acknowledging that I have read and understood the Cybersecurity Program Options and Out of Warranty terms outlined above.

SUBMIT YOUR EXCHANGE REQUEST FORM

FREQUENTLY ASKED QUESTIONS

 

Q. Why am I receiving this notice?

Medtronic takes customer safety and device security very seriously. Due to this potential cybersecurity issue, Medtronic is recommending customers speak with their healthcare provider (HCP) about changing to a newer model insulin pump. To help with this, we have created the Legacy Exchange Program, which gives our customers the opportunity to exchange or upgrade their legacy device to a newer model insulin pump with increased cybersecurity protection, like the MiniMed™ 670G insulin pump.

Q. Is MiniMed™ 530G insulin pump vulnerable to these cybersecurity risks?

No, the MiniMed™ 530G insulin pump is not impacted by this cybersecurity issue.

Q. Does my pump require replacement?

Due to this potential cybersecurity issue, Medtronic is recommending customers speak with their healthcare provider (HCP) about changing to a newer model insulin pump with increased cybersecurity protection, like the MiniMed™ 670G insulin pump.

To help with this, we are offering a program for eligible people to upgrade to a newer insulin pump model or obtain a lower cost product exchange. In the meantime, we recommend you take the cybersecurity precautions to minimize the potential risks.

For countries outside of the US:
You will receive or should have already received a notification letter with instructions based on the country you live in. We recommend that you speak with your healthcare provider to discuss the cybersecurity issue and the steps you can take to protect yourself. In the meantime, we recommend you take the cybersecurity precautions included in the letter.

Q. What is the cybersecurity concern?

The MiniMed™ 508 insulin pump and the MiniMed™ Paradigm™ series insulin pumps are designed to communicate using a wireless radio frequency (RF) with other devices such as a blood glucose meter, glucose sensor transmitters, and CareLink™ USB devices.

Security researchers have identified potential cybersecurity vulnerabilities related to the communication protocol in these insulin pumps. An unauthorized person with special technical skills and equipment could potentially connect wirelessly to a nearby insulin pump to change settings and control insulin delivery. This could lead to hypoglycemia (if additional insulin is delivered) or hyperglycemia and diabetic ketoacidosis (if not enough insulin is delivered).

Q. How do I find the software version of my pump?

  • To find the software version for the MiniMed™ Paradigm™ pumps, go to the STATUS screen:
  • To open the STATUS screen, press ESC until the STATUS screen appears.
  • To view more text on the STATUS screen, press the down arrow to scroll and view all the information.
  • To exit the STATUS screen, press ESC until the STATUS screen disappears.

Q. What actions is Medtronic taking to address this cybersecurity concern?

We have notified the appropriate regulatory authorities, published an advisory about this potential security concern, and informed healthcare professionals and patients about precautionary steps that can be taken to protect the security of their pump.

Q. My safety is important, what is Medtronic doing to anticipate security concerns and build-in safeguards to prevent them from happening?

As part of our commitment to customer safety and device security, Medtronic works closely with industry regulators and researchers to anticipate and respond to potential risks. In addition to our ongoing work with the security community, we have already made several important changes to enhance device security with our newer devices available in some countries today. We will continue to take steps to collaborate with industry researchers and regulators to improve device safety.

Q. Has a Medtronic insulin pump ever been manipulated?

Medtronic has not received any confirmed reports of an insulin pump being manipulated in this way by an unauthorized person.

Q. How would I know if someone manipulated my insulin pump?

Several factors must occur for any pump to be potentially affected. We recommend that you continue to pay attention to any pump notifications, alarms and alerts. You should also immediately cancel any unintended boluses and monitor your blood glucose levels closely and taking appropriate actions as needed.

Q. How and when will Medtronic fix this concern?

Medtronic takes customer safety and device security very seriously. We have already introduced a new generation of insulin pumps that is not affected by this issue.

Q. Should I stop using my pump given there are other alternatives to a Medtronic pump?

Of course, every person with diabetes should make these personal decisions along with the consultation of their healthcare team, but there haven’t been any conrmed reports of this security risk. Your safety is our priority and we hope that you’re able to continue to experience the benets of insulin pump therapy. If you are concerned, you can take note of the tips that we’ve shared.

Q. Does this impact the MiniMed™ 600 series insulin pumps? How are the MiniMed™ 600 series insulin pumps different?

No. This vulnerability does not impact the MiniMed™ 600 series insulin pumps because they use encrypted communication which is completely different from the communication used by the Paradigm pump models. The MiniMed™ 600 series insulin pumps include the MiniMed™ 620G, MiniMed™ 630G, MiniMed™ 640G and MiniMed™ 670G systems. Not all these systems are sold on the US market.

Q. How worried should I be?

Medtronic has not received any confirmed reports of a product being manipulated in this way by an unauthorized person.

Q. What do you recommend I do now to protect my insulin pump security?

If you feel concerned:

  • Keep your insulin pump and the devices that are connected to your pump within your control at all times.
  • Do not share your pump serial number.
  • Be attentive to pump notifications, alarms, and alerts.
  • Immediately cancel any unintended boluses.
  • Monitor your blood glucose levels closely and act as appropriate.
  • Do not connect to any third-party devices or use any software not authorized by Medtronic.
  • Disconnect your CareLink™ USB device from your computer when it is not being used to download data from your pump.
  • Get medical help right away if you experience symptoms of severe hypoglycemia or diabetic ketoacidosis, or suspect that your insulin pump settings, or insulin delivery changed unexpectedly.

Q. Should I replace my pump with a new 600 series pump?

Every person with diabetes should make decisions about their insulin pump therapy along with their healthcare team. We recommend you talk about this with your healthcare team.

Q. Didn’t we just receive a letter about cybersecurity concerns?

You may have received information on cybersecurity concerns with the remote controller. This is a separate notification. With the growing amount of attention to cybersecurity in the medical device industry, we felt that it was important for our customers to understand the issues and risks in greater detail.

In the case of the remote controller, an unauthorized individual in close proximity to an insulin pump customer could potentially copy the wireless radio frequency (RF) signals from their remote controller (while they are in the process of delivering a remote bolus) and play the RF signals back at a later time to deliver an involuntary bolus of insulin to the customer. This notice refers to the ability of an unauthorized person with special technical skills and equipment who could potentially send RF signals to a nearby insulin pump to change settings and control insulin delivery.

SUBMIT YOUR EXCHANGE REQUEST FORM
 
IMPORTANT SAFETY INFORMATION: MINIMED 670G SYSTEM
The Medtronic MiniMed™ 670G system is intended for continuous delivery of basal insulin (at user selectable rates) and administration of insulin boluses (in user selectable amounts) for the management of type 1 diabetes mellitus in persons, seven years of age and older, requiring insulin as well as for the continuous monitoring and trending of glucose levels in the fluid under the skin. The MiniMed™ 670G system includes SmartGuard™ technology, which can be programmed to automatically adjust delivery of basal insulin based on continuous glucose monitor sensor glucose values, and can suspend delivery of insulin when the sensor glucose value falls below or is predicted to fall below predefined threshold values. The system requires a prescription. The Guardian™ Sensor (3) glucose values are not intended to be used directly for making therapy adjustments, but rather to provide an indication of when a fingerstick may be required. A confirmatory finger stick test via the CONTOUR®NEXT LINK 2.4 blood glucose meter is required prior to making adjustments to diabetes therapy. All therapy adjustments should be based on measurements obtained using the CONTOUR®NEXT LINK 2.4 blood glucose meter and not on values provided by the Guardian™ Sensor (3). Always check the pump display to ensure the glucose result shown agrees with the glucose results shown on the CONTOUR®NEXT LINK 2.4 blood glucose meter. Do not calibrate your CGM device or calculate a bolus using a blood glucose meter result taken from an alternative site (palm) or from a control solution test. It is not recommended to calibrate your CGM device when sensor or blood glucose values are changing rapidly, e.g., following a meal or physical exercise. If a control solution test is out of range, please note that the result may be transmitted to your pump when in the “Always” send mode.

WARNING: Medtronic performed an evaluation of the MiniMed™ 670G system and determined that it may not be safe for use in children under the age of 7 because of the way that the system is designed and the daily insulin requirements. Therefore this device should not be used in anyone under the age of 7 years old. This device should also not be used in patients who require less than a total daily insulin dose of 8 units per day because the device requires a minimum of 8 units per day to operate safely.

Pump therapy is not recommended for people whose vision or hearing does not allow recognition of pump signals and alarms. Pump therapy is not recommended for people who are unwilling or unable to maintain contact with their healthcare professional. The safety of the MiniMed™ 670G system has not been studied in pregnant women. For complete details of the system, including product and important safety information such as indications, contraindications, warnings and precautions associated with system and its components, please consult http://www.medtronicdiabetes.com/important-safetyinformation# minimed-670g and the appropriate user guide at http://www.medtronicdiabetes.com/download-library.

IMPORTANT SAFETY INFORMATION: MiniMed™ 630G SYSTEM WITH SMARTGUARD™ TECHNOLOGY
 Indicated for the continuous delivery of insulin, at set and variable rates, for the management of diabetes mellitus. MiniMed™ 630G system is approved for ages 14 years or older with Guardian™ Sensor 3 and MiniMed™ 630G system is approved for ages 16 years or older with Enlite™ sensor. Both systems require a prescription. Insulin infusion pumps and associated components of insulin infusion systems are limited to sale by or on the order of a physician and should only be used under the direction of a healthcare professional familiar with the risks of insulin pump therapy. Pump therapy is not recommended for people who are unwilling or unable to perform a minimum of four blood glucose tests per day. Pump therapy is not recommended for people who are unwilling or unable to maintain contact with their healthcare professional. Pump therapy is not recommended for people whose vision or hearing does not allow recognition of pump signals and alarms. Insulin pumps use rapid-acting insulin. If your insulin delivery is interrupted for any reason, you must be prepared to replace the missed insulin immediately. Replace the infusion set every 48–72 hours, or more frequently per your healthcare professional’s instructions. Insertion of a glucose sensor may cause bleeding or irritation at the insertion site. Consult a physician immediately if you experience significant pain or if you suspect that the site is infected. The information provided by CGM systems is intended to supplement, not replace, blood glucose information obtained using a blood glucose meter. A confirmatory fingerstick using a CONTOUR®NEXT LINK 2.4 meter is required prior to making adjustments to diabetes therapy. Always check the pump display when using a CONTOUR®NEXT LINK 2.4 meter, to ensure the glucose result shown agrees with the glucose results shown on the meter. Do not calibrate your CGM device or calculate a bolus using a result taken from an Alternative Site (palm) or a result from a control solution test. If a control solution test is out of range, please note that the result may be transmitted to your pump when in the “Always” send mode. It is not recommended to calibrate your CGM device when sensor or blood glucose values are changing rapidly, e.g., following a meal or physical exercise. The MiniMed™ 630G system is not intended to be used directly for preventing or treating hypoglycemia but to suspend insulin delivery when the user is unable to respond to the Suspend on low alarm and take measures to prevent or treat hypoglycemia themselves. Therapy to prevent or treat hypoglycemia should be administered according to the recommendations of the user’s healthcare provider.
WARNING: The SmartGuard™ Suspend on low feature will cause the pump to temporarily suspend insulin delivery for two hours when the sensor glucose reaches a set threshold. Under some conditions of use the pump can suspend again, resulting in very limited insulin delivery. Prolonged suspension can increase the risk of serious hyperglycemia, ketosis, and ketoacidosis. Before using the SmartGuard feature, it is important to read the SmartGuard™ feature information in the User Guide and discuss proper use of the feature with your healthcare provider.

See www.medtronicdiabetes.com/importantsafetyinformation and the appropriate user guides for additional important details.

930M20848-011 © Medtronic. All rights reserved. Medtronic, Medtronic logo and Engineering the extraordinary are trademarks of Medtronic. Third party brands are trademarks of their respective owners. All other brands are trademarks of a Medtronic company.
 
Important Safety Information Terms of Use Notice of Privacy Practices Website Privacy Policy Contact Us