Smart Meter Highlights Security Risks of Remote Patient Monitoring Devices Sending Patient Data to China

Department of Justice Enforcement Rule in Effect Now with July 8^th Deadline to Comply

Smart Meter, the leading provider of cellular-enabled remote patient monitoring (RPM) solutions, is alerting healthcare providers and the public about a serious privacy and data security risk due to many connected medical devices that are routing sensitive patient data through Chinese-operated servers before it reaches U.S.-based healthcare systems. And the U.S. Federal Government has taken notice of this.

This issue of foreign data routing gained attention from lawmakers and cybersecurity experts when U.S.-China tensions began to rise. The use of Chinese servers for sensitive U.S. data has been flagged by federal agencies as a growing threat to national security. To inhibit this threat, on April 8th, a new rule issued by the Department of Justice sets restrictions for transferring data to United States adversaries including China.

“For all new products, Smart Meter performs a forensic analysis before releasing them for public use,” said Derek Trauger, CTO of Smart Meter. “We work closely with our manufacturers to identify potential vulnerabilities that could allow healthcare data to be exposed to countries of concern. Any company not performing this level of analysis is putting patient data at risk.”

With health data security so essential, Smart Meter urges healthcare providers to ask critical questions about where their patient data is going and to choose partners committed to protecting that data domestically. Several RPM device manufacturers, while operating in the U.S., rely on infrastructure or cloud services hosted in China. This means that personal health data, including glucose levels, blood pressure readings, and weight measurements, may be transmitted overseas, sometimes without the knowledge of patients or providers.

“Healthcare data is among the most sensitive information that can be collected, and our government officials are concerned about where that data is sent,” said Casey Pittock, CEO of Smart Meter. “Routing personal health data through China exposes it to foreign surveillance and increases the risk of breaches or misuse. At Smart Meter, we’ve built a secure, U.S.-based infrastructure to protect health data from Chinese intrusion.”

Smart Meter’s proprietary ecosystem of cellular-enabled devices, including iGlucose meters for Type 2 diabetes, iBloodPressure monitors, the iPulseOx for oxygen saturation levels, and the iScale for weight monitoring, connect exclusively through a private, HIPAA-compliant U.S. network. Unlike some cellular and Bluetooth® devices that may rely on third-party connections and infrastructure, Smart Meter’s devices use a dedicated AT&T and CISCO built network to transmit data securely and directly to U.S. healthcare providers, never leaving the country.

One of the most notable impacts of the new guidance is the shift in how liability is assessed. RPM vendors and healthcare providers can now be held jointly responsible for data breaches, even if the breach originates from a third-party service or connected device. This change reinforces the importance of selecting vendors with strong compliance track records and conducting regular third-party audits.

For willful violations, criminal penalties can be imposed, including fines up to $1 million and imprisonment for up to 20 years. Such penalties are applicable in cases where there is intentional misconduct, such as knowingly facilitating prohibited data transfers or conspiring to circumvent the regulations.

Recognizing the need to allow entities time to adhere to the new regulations, the DOJ has instituted a 90-day enforcement discretion period, lasting until July 8, 2025. During this time, the DOJ will not prioritize civil enforcement actions against entities that are making good-faith efforts to comply with the new rules. However, willful violations may still be subject to enforcement actions during this period.

About Smart Meter, LLC

Smart Meter is the trusted supplier of Remote Patient Monitoring (“RPM”) solutions. We empower a nationwide network of SmartPartners^TM who are working directly with healthcare providers to transform patient care. Millions of vital health data readings are reliably delivered across our platform to enable real-time, better-informed health care. Our proprietary patient-friendly cellular FDA-registered monitoring devices are connected to an exclusive AT&T 4/5G network to ensure an engaging patient experience for improved adherence. For more information, visit SmartMeterRPM.com

View source version on businesswire.com: https://www.businesswire.com/news/home/20250529680608/en/