TrustPoint Blog

Health Care Privacy in the World of IoT

What if your most intimate secrets were exposed to the world? The possibility of health care privacy breaches in the new era of the Internet of Things has dramatically increased. A recent paper published by the Atlantic Council documents the benefits, risks, and security options for health care devices. More than any other aspect of IoT, health care information and security is paramount.

Potential

Like a number of other industries, IoT has already begun to expand beyond what we believed was possible. Through remote monitoring of health conditions or automated health care devices, we now see the potential of IoT to physically and literally improve our quality of life. Forbes writes that the market for health related connected devices will reach $117 billion by 2020.

This market has actually been developing over the past decade. In the Atlantic Council report, the authors list four main types of devices that we currently have access to. Consumer health monitoring products, such as the FitBit, are widely available for purchase without consulting a professional. Wearable items, like insulin pumps, and embedded devices, including pacemakers, usually require the recommendation of a physician. Lastly, stationary devices that are usually seen in home care allow physicians to monitor patients remotely.

The potential of these devices is incredible. Physicians and patients will have instant and remote access to health data. Acting quickly and effectively, doctors will be able to begin treatment options by accessing the wealth of data at their fingertips.

And just as importantly, costs will go down. IoT is expected to save $63 billion in costs over the next fifteen years. 15–30 percent of that amount will be saved in reduced hospital equipment, while simply getting patients through the system faster will save an additional 15–20 percent.

Risk

But what’s the catch?

Outsiders can potentially access all of the devices that we connect to our network, whether through Bluetooth, Wi-Fi, or even NFC. Baring all of your private health information to your physician can already be terrifying; having it laid out for the public would be entirely traumatizing.

Privacy is essential in health care. Your information should only be shared with physicians and those you personally choose to inform. If health records were widely available, the potential risk for discrimination is massive. More than ever before, insurance companies could deny coverage access, while employers could avoid hiring people with health issues.

Even worse, life-saving, remotely accessed devices could be targeted. Thus far, this idea has been relegated to the world of television, where the creators of Homeland killed off their fictional Vice President through a cyber-attack on his pacemaker.

Although this concept seems far-fetched and confined to Hollywood, any connected device could potentially be a target.

Security

How do we protect ourselves?

IoT is expanding rapidly and without reservation. The benefits in the health care industry alone are too great to be ignored. The only solution is to ensure devices are completely secured.

The main and most important take away from the report is that devices should come with built-in security. Applying security protocols to the point of connection (i.e. the router) will do little to stop even an average hacker. More importantly, if the consumer is responsible for applying security methods, the effectiveness will be limited, and the costs too great.

The problem lies in the fact that private medical companies make these devices. The simplest solution is greater government regulation to ensure the importance of security. When many of these devices were created, security was not even on the radar. Health care data breaches have provided a rude awakening for many medical equipment producers.

However, fear mongering can be put aside if the industry puts in place proper security measures. Instead of seeing vulnerabilities, we will focus on the extraordinary benefits. The powers to give life and take life have always been tied together; health care in the world of IoT is simply another step forward.

About this Blog

The TrustPoint Blog covers security industry topics relating to Certificates, Elliptic Curve Cryptography (ECC), Machine-to-Machine (M2M) Communication, Near Field Communication (NFC), Vehicle-to-Vehicle (V2V) Communication, and more.

Recent Posts