When an OS update becomes a hypoglycemia trigger: a “software change safety case” for CGM ecosystems

Abstract

Keywords

Continuous Glucose Monitoring (CGM)hypoglycemia digital health ecosystems

To the Editor,

The report completed by Sato et al.,¹ regarding the case of a patient with hypoglycemic coma due to malfunction of a continuous glucose monitor (CGM) sensor, all resulted from the automatic updates that smartphones received. Continue reading for some insights on this very important and pressing patient safety issue which will continue to grow as more CGMs become embedded in the wider “digital ecosystem” of multi-vendor technology companies (manufacturers of CGMs, mobile applications, smartphones operating systems including Bluetooth, background permissions, and cloud storage systems) who can make potentially unsafe changes without any intentional or direct involvement by the manufacturer of the CGM sensor.^2–4

The primary lesson learned from CGM failures is that these problems can be devastating when healthcare providers utilize the CGM values in their decision-making surrounding an individual’s treatment. The larger worldwide lesson to take away from CGM failure is that the risk associated with the software supply chain will now be viewed as an integral element to a person’s overall endocrine health. The use of CGM continues to rise globally; therefore, dependence on reliable systems is expected. The challenges of maintaining access to back-up capillary testing, educational programs for patients, and emergency response services continue to pose significant threats in the event of temporary incompatibility between devices and app or operating system updates.²

In this article, we present an approach to support innovation while mitigating the risk of recurrence through the requirement for the creation of a Software Change Safety Case (SCSC) for continuous glucose monitoring (CGM) ecosystems. The minimal SCSC would consist of a lightweight document that could be audited and published to show that all foreseeable software changes, like app updates and major Operating System releases, have been appropriately tested, monitored, and communicated to end users prior to release. The elements required within a minimal SCSC would include the following:

Compatibility assurance by design: a continually updated public compatibility matrix (device/app/OS) linked to a structured regression testing program across high-volume model(s) and OS version(s) with special attention given to Bluetooth stack changes.^3,5

Patient safety through fail-safe mechanisms: Create a policy that implements “safe mode” policies whenever signal integrity is uncertain. This includes providing salient alerts, clearly instructing users to verify with a fingerstick before dosing, and developing a clear and effective mechanism to pause automated functions if necessary.^2,6

Post-market learning for user safety: In addition to establishing a standardized set of definitions for various adverse events that may occur from software-related CGM failures, develop a rapid reporting mechanism that will allow for a quick comparison of data between different CGM manufacturers and speed up the corrective action taken by each CGM manufacturer.^6–8

Through the promotion of a standardized method for communications about digital incidents, or adverse events, associated with the devices, and by promoting a consensus on performance and interoperability standards for CGM devices, Therapeutic Advances in Endocrinology and Metabolism (TAEM) can position itself as a global leader in support of improved health outcomes.^6–8 The Sato et al. experience represents not just a cautionary example but also provides the basis for a system-wide approach to improved safety and equity in the provision and support of CGM devices.

Sincerely,

Footnotes

Acknowledgements

None.

Declarations

ORCID iD

Mulavagili Vijayasimha

References

Sato

Hashiguchi

Kitsunai

, et al. Hypoglycemic coma owing to sensor device dysfunction after an automatic smartphone operating system update. Ther Adv Endocrinol Metab 2025; 16: 20420188251400550.

ElSayed

Aleppo

Aroda

, et al. Diabetes technology: standards of care in diabetes—2023. Diabetes Care 2023; 46(Suppl. 1): S111–S127.

Jendle

Adolfsson

Choudhary

, et al. A narrative commentary about interoperability in medical devices and data used in diabetes therapy from an academic EU/UK/US perspective. Diabetologia 2024; 67: 236–245.

Espinoza

Yeung

Huang

, et al. The need for data standards and implementation policies to integrate insulin delivery data into the electronic health record. J Diabetes Sci Technol 2023; 17(5): 1376–1386.

Klonoff

Gabbay

Moon

, et al. Importance of FDA-integrated continuous glucose monitors to ensure accuracy of continuous glucose monitoring. J Diabetes Sci Technol 2025; 19(5): 1392–1399.

Pleus

Eichenlaub

Eriksson Boija

, et al. The need for standardization of continuous glucose monitoring performance evaluation: an opinion by the international federation of clinical chemistry and laboratory medicine working group on continuous glucose monitoring. J Diabetes Sci Technol 2026; 20(1): 201–206.

Pemberton

Adolfsson

Wilmot

, et al. Urgent need for standardization in CGM performance assessment. Diabetes Care 2025; 48(10): e126–e127.

Scharf

Feriz

Yepes

, et al. Consensus statement on standardizing CGM evaluation metrics in Latin America: an expert approach. Diabetol Metab Syndr 2025; 17(1): 291.