Connected devices are working wonders for managing treatment, but their integration with consumer technology and cloud computing raises significant security issues.

Lorie Wigle, Vice President, General Manager IOT Security Solutions, Intel Security Group

June 11, 2015

3 Min Read

What has been happening over the past week or month with your blood pressure, heart rate, glucose level, respiration, or oxygen levels? How much and what type of exercise do you do, and what effect is it having? While the answers to these questions may not be on the tip of your tongue, wearable medical technologies can monitor, store, and transmit this data, providing your healthcare team with more granular information than they have ever had outside of a hospital. These and other connected healthcare devices are improving diagnosis, treatment, and quality of life, while reducing costs.

How much do you weigh? What do you eat? What medications are you taking? What diseases or conditions do you have? Medical information is also one of the most personal and private aspects of our society. While it is important for your healthcare professionals to know these things, it is equally important to keep it private from those who may use the information to take advantage or discriminate against you.

Tiny devices that can be worn, implanted, or even ingested are being invented at an accelerating pace. And they are not just monitoring, but taking an active role in managing a long list of things, including hearts, pain, insulin, and seizures. These devices are working wonders for managing treatment and quality of life outside of hospitals. But their connectivity and integration with consumer technology and cloud computing raise significant security issues. The biggest concerns are privacy violations and intentional disruptions, and one high-profile security incident could discourage adoption for decades.

Personal medical information is valuable to cyber criminals. While stealing credit card numbers is big business, the stolen card has no value once it is reported stolen. Stolen medical data, on the other hand, can be sold for insurance fraud repeatedly and can continue to add value for years. And we can only imagine what other unethical and illegal uses criminals could come up with.

Security By Design

Managing and reducing these security concerns requires a change in how we design, develop, and regulate connected healthcare devices. The first step is a focus on security by design, making upfront investments that will pay back benefits to the device manufacturers and the healthcare community for years. Sharing best practices and building shared or open-source libraries of common functions would go a long way to quickly improving security across the industry.

Then we need better collaboration among vendors, medical practitioners, and regulators to openly discuss and resolve issues, enable innovation and effectiveness, and safeguard the public interest. Regulators themselves need to review the approval process, taking into consideration the pace of technological change and the cloud nature of data that crosses national and corporate borders, while continuing to protect patients. Finally, we need to learn from social media and customer centric design, listening better to the voices of the patients and families involved and incorporating their feedback.

Connected healthcare devices deliver highly personal benefits, embedding the Internet into medical processes. With these tools, we are already seeing improved medical outcomes, better quality of life, and lower healthcare costs, and we are just at the beginning of this transformation. Incorporating security by design, increasing collaboration, and evolving the regulatory process will ensure these benefits are not lost to crybercrime and security breaches.

For more information on the topic, check out Atlantic Council’s recent report at The Healthcare Internet of Things Rewards and Risks.

About the Author(s)

Lorie Wigle

Vice President, General Manager IOT Security Solutions, Intel Security Group

Lorie Wigle is building a new business focused on securing critical infrastructure and IOT more broadly at Intel subsidiary McAfee. Lorie has been with Intel for nearly 30 years in a wide variety of marketing and technical roles. She has an MBA from Portland State University and a BA degree from the University of Oregon. Lorie was named one of the three most powerful women in smart grid by Smart Grid Newsletter and one of top 10 women in sustainability by PINK magazine. In 2011, she received the Sustainable Business Leadership Award from Sustainable Business Oregon.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights