News
Senator Cotton Calls for Federal Investigations Into China-Made Medical Devices
Comments
Link successfully copied
Sen. Tom Cotton (R-Ark.) speaks in Washington on March 17, 2026. (Madalina Kilroy/The Epoch Times)
By Frank Fang
5/27/2026Updated: 5/27/2026

Sen. Tom Cotton (R-Ark.) is seeking federal investigations into internet-connected medical devices manufactured in China, warning that compromised equipment could expose Americans to cybersecurity threats from malign foreign actors.

Cotton, chairman of the Senate Select Committee on Intelligence, sent a letter dated May 26 to Kyle Diamantas, acting commissioner of the U.S. Food and Drug Administration (FDA), and Nick Andersen, acting director of the Cybersecurity and Infrastructure Security Agency (CISA).

“American patients’ exposure to compromised Chinese-made medical devices poses a risk to both national security and public health,” Cotton wrote.

Extraction of data from these compromised devices by foreign actors can lead to “widespread identity theft, insurance fraud, extortion, and more sophisticated scams against American patients,” according to Cotton.

The senator noted that in 2025, the FDA and CISA identified cybersecurity vulnerabilities associated with CMS8000, a model of patient monitors manufactured by China-based Contec Medical Systems. The monitors could gather patient data, including personally identifiable information, and could be remotely controlled by unauthorized users.

“This gave malign Chinese actors an opportunity to directly manipulate how the device operates and displays data, potentially leading to dangerous misdiagnoses of heart failure, arrhythmias, and hypertension,” Cotton wrote.

The FDA issued a Class II recall of the CMS8000 monitors in May 2025.

Since March 2023, the FDA has required new medical devices seeking clearance to meet stricter cybersecurity standards, but older devices approved before the rules took effect are not subject to the same level of cybersecurity scrutiny.

As a result, Cotton said that “more must be done to protect Americans from compromised medical devices.”

The senator asked the FDA and CISA to review Chinese-made medical devices cleared before March 29, 2023.

“Protecting Americans’ privacy and ensuring their health data isn’t accessible to cybercriminals in adversarial nations is of utmost importance,” Cotton said.

Florida Attorney General James Uthmeier has taken legal action to address concerns regarding Contec’s monitors. In June 2025, he subpoenaed Contec Medical Systems and Miami-based company Epsimed, which had been selling Contec-made monitors under its own brand name, over potential cybersecurity risks and alleged violations of Florida’s Deceptive and Unfair Trade Practices Act.

“Medical devices that record patient data must be secure and should not send data to entities controlled by the Chinese Communist Party,” Uthmeier said in a statement at the time. “Protecting Americans’ sensitive, personal data from our enemies is paramount, and my office will get to the bottom of this deception.”

Separately, to address cybersecurity threats against U.S. agriculture and food critical infrastructure sectors, Cotton and Sen. Elissa Slotkin (D-Mich.) reintroduced the Farm and Food Cybersecurity Act in February 2025.

If enacted, the legislation would require secretaries of agriculture, homeland security, and health and human services, as well as the director of national intelligence, to hold annual crisis simulations to prepare for food-related cyberemergencies.

The secretary of agriculture would also be required to conduct risk assessments every two years to determine any vulnerabilities in the agricultural and food sectors and submit the findings to Congress.

“America’s adversaries are seeking to gain any advantage they can against us—including targeting critical industries like agriculture,” Cotton said at the time. “Congress must work with the Department of Agriculture to identify and defeat these cybersecurity vulnerabilities.”

In May 2025, Cotton and Sen. Ruben Gallego (D-Ariz.) introduced the Water Cybersecurity Enhancement Act, which would, in part, offer technical assistance and grant funding to community water systems to support training on responding to cyberattacks.

In a statement at the time, Cotton said the bipartisan legislation would strengthen the U.S. “ability to protect essential services and support local water utilities in building stronger cyber defenses.”

Share This Article:
Frank Fang
Author
Frank Fang is a Taiwan-based journalist. He covers news in China and Taiwan. He holds a Master's degree in materials science from National Tsing Hua University in Taiwan.
More from Frank Fang
Key Takeaways From Trump’s China Visit
May 15, 2026
US Prepares Visa Sanctions on China as Deportation of Chinese Nationals Stalls
May 6, 2026
Chinese Student Arrested for Allegedly Photographing Planes at US Military Base
April 22, 2026
Trending
1
US Figure Skater Alysa Liu’s Father Rules Out Representing China, Cites Human Rights Concerns
2
Key Takeaways From Trump’s China Visit
3
CCP Involvement Casts Uncertainty Over US–Iran Ceasefire, Reopening of Strait of Hormuz: Analysts
4
Chinese National Tied to Suspected Las Vegas Biolab Found Guilty of COVID Test Fraud
5
California Mayor to Plead Guilty to Acting as Chinese Agent
Latest
1
What’s Really Happening in California Prisons? | Amie Ichikawa
2
Plan to Eliminate All of Catalina Island’s Deer Is Sparking Controversy | Ben Myhre
3
Los Angeles Street Lights Are Going Out. Who Should Pay to Bring Them Back? | Jon Fleischman
4
The CCP’s Influence Network Behind a California Mayor’s Guilty Plea
5
The ADA Loophole Flooding California With Lawsuits: Who Is Being Targeted?
ADVERTISEMENT