top of page
Search
Writer's picturebleepDigital

Deaths and digital aftercare: Who keeps the microchip?

Updated: Feb 20, 2023

The biotechnology companies who offer injectable consumer implants for body modification rarely interact with the mortuary service providers of NHS hospitals. Yet as the uptake of subcutaneous devices increases in the population, with more and more individuals walking around hosting implanted tech, at some point we have to ask what happens if one of these people becomes injured or dies.

Radiofrequency Identification (RFID) chips were initially developed in the veterinary industry as a means by which to track and identify animals. Firstly with wild animals for conservation efforts and later on with domestic pets. These devices have now extended to the human market, with RFID chips becoming a popular trend amongst #Biohacking communities. Alongside implantable LED tattoos and subcutaneous magnets, these smart implants are the latest development in body modification technology. Device software has also increased in complexity. The "In-body GPS system" (ReMix) from MIT can use injected implants to provide GPS tracking of individuals with an accuracy of 1.4cm [1].


Despite these implants being placed beneath the skin, they are not classed as medical devices and therefore are not subject to the same legislation as medical technologies such as pacemakers or glucose sensors. Further, the disconnect between these companies from clinical settings means that clinicians rarely encounter these devices until they go wrong.

Let us consider an extreme case, in which a patient with an implanted device dies by suspicious circumstances of unknown cause. Zooming in on biotechnological challenges of this case, immediate ethical questions arise. Firstly, who owns the device now the patient has died, and who owns the data? Say the device is a GPS enabled RFID chip containing detailed information on the patient's last movements, do we require consent from the patient (when they are living), or the Next of Kin (following death) to access this data? Can this be overridden by law enforcement? At present, the post-mortem guidelines offered by the Royal College of Pathologists (RCPath) in the UK, do not discuss the appropriate processing of consumer technology after a death.

In response to the growth of the ‘Internet of Medical Things (IoMT)’, researchers have argued that ‘Cyber-autopsies’ need to be integrated into post-mortem practice [1, 2]. These autopsies would take into account the analysis of an implanted device and the risks that connected technologies may have posed to the patient. While features such as continuous Bluetooth data streaming and device customisation via Radiofrequency Telemetry (RF) have benefitted patients through personalisation of care, these lines of communication are vulnerable to Electromagnetic (EM) interference and targeted hacks by malicious actors. Additionally, technical analyses may be useful in non-cyber related deaths. Lacour et al investigated 150 autopsies of individuals with implanted devices, and through digital forensics were able to identify the time of death in 76% of cases [3].

Clinicians are not trained in the recognition of biotechnological syndromes and as a result technological concerns may not be raised at the point of patient death or on the death certificate. One reason being that biotechnological syndromes may present with a range of unexpected clinical phenomena [4-9]. For example, errors in Deep Brain Stimulators (DBS) may present with autonomic dysfunction (pyrexia and tachycardia), psychiatric crises or motor dysfunction [4-9]. Furthermore, the cause of a DBS error may be hard to recognise, research by Rahimpour et al has found that DBS performance can be affected by the EM radiation of common household appliances such as hair dryers or security gates [10].


The issues of medical device forensics has been highlighted by patients who have suffered from these harms. Schmitt, a medical digital forensic specialist, interrogated her own pacemaker following an illness that required resuscitation and identified the faulty lead that caused her medical emergency [12]. Physical hardware faults such as this may be apparent on an autopsy, however lethal software bugs and telemetric hacks are harder to identify. In the case of a suspicious death where an implanted medical device is present, a physical autopsy must be accompanied by a digital autopsy of device error logs and potential compromises.

References

Unbreak My Heart | What I Learned for Building Better Medical Devices While Troubleshooting My Pacemaker | Veronica Schmitt. https://www.sans.org/blog/unbreak-my-heart-what-i-learned-about-building-better-medical-devices-while-troubleshooting-my-pacemaker/. Accessed 20 Feb. 2023.

0 comments

Comments


bottom of page