Bigfoot Security and Privacy

Bigfoot is committed to safeguarding the security, safety, and privacy of our customers and patients who use our products and services to ease the burden of diabetes care. Bigfoot values the confidentiality, integrity and availability of all protected health and personally identifiable information (e.g., PHI, PII) in accordance with all applicable federal and state privacy and security laws, including the Health Insurance Portability and Accountability Act. 
 
Bigfoot is committed to providing customers and patients safe and secure products and services, as well as organizational capabilities for monitoring and managing security throughout the total product life cycle. Bigfoot’s overall security strategy:

  • Is based on a risk-based approach
  • Takes a holistic approach by assessing risks/mitigations throughout the product life cycle
  • Ensures continuity of critical device safety and essential performance
  • Promotes the development of trustworthy devices.
  • Safeguards patient privacy and confidentiality

Security Bulletin

Bigfoot Biomedical has responded to the remote code execution vulnerability associated with Apache log4j software in accordance with our documented plans and processes. No exploits to our customers’ privacy or security have been detected. We continue to work with our technology partners to monitor and update our software infrastructure and services.

Additional information is available in the NIST National Vulnerability Database:

CVE-2021-44228        10 DEC 2021

CVE-2021-45046        14 DEC 2021

CVE-2021-4104           14 DEC 2021

CVE-2021-45105         18 DEC 2021

CVE-2021-44832        28 DEC 2021

Active, Ongoing Security

Threats and exploits to security and privacy will continue to evolve. Bigfoot actively monitors systems and software for emerging threats and has developed plans and procedures to identify and manage new vulnerabilities and incidents. Bigfoot intends to partner with other medical device manufacturers to share and analyze information, threat intelligence, and best practices.

Bigfoot recognizes the importance of the work performed by the security community to help safeguard the safety and security of Bigfoot customers and caregivers. Please see our Coordinated Vulnerability Disclosure Policy for more details.

Additional Information

For additional information on our cybersecurity practices and processes please see the Bigfoot Security Whitepaper.

To request additional information or report a suspected vulnerability, please contact our security team group using this form.

For technical support or to report an Adverse Event or Product Quality Complaint, please contact us via email: Support@BigfootBiomedical.com

WEB-400018 Rev B, 01/22