Firstly I will admit that I prefer as simple a medical device as possible, meaning nearly no software between me and the action. If you for example are handed an old Lifepack-5 or 10 it is intuitive even if you are just off of the boat from Russia, China, or Brazil requiring quick visual inspection and maybe five minutes of instruction for anyone with ACLS equivalent training.
I am against insecure hardware and the admin assigned to the device should have as low level as possible access to the function of the software to hardware level. That means they can secure as needed or lock down as needed. I do not suggest that a network admin is qualified to hack on a certified medical device(certification presents its own merits and shortcomings), I suggest that a person certified in servicing or maintaining the unit should be available on site or from the manufacturer who can secure or enable networking or wireless telemetry and control to meet the needs of the medical institution rather than having a very static universal firmware for all devices.
As for my nurse example, a complete stranger could run down someone on any street or shoot them with a deer rifle. Vulnerabilities are bad when used for evil but they exist in life, being able to turn them off rather than closing the protocol or worse making it obscure that only a few people in the know can do some high paid assassinations over a decade or so is worse than a known vulnerability which would cause the device to be recalled or maybe have a hardware switch for the wireless or net access.
