How important is security for implementing Internet of Things in healthcare?
This new report (The Healthcare Internet of Things: Rewards and Risks, March 19th, 2015, by Jason Healey, Neal Pollard, and Beau Woods) explores key security questions around networked medical devices. In particular, the view includes those that are wearable, temporarily ingested or even embedded in the human body for medical treatment, medication, and general health and wellness.
Estimations tell that these technologies could save $63 billion in healthcare costs over 15 years with a 15-to-30 percent reduction in hospital equipment costs. Never the less, the journey toward a networked healthcare visualizes areas of concern like theft of personal information, intentional tampering with devices to cause harm, widespread disruption and accidental failures.
While dramatically improving healthcare, implementation of Internet of Things has to consider the consequences of privacy and network security.
The report provides several recommendations intended to help foster innovation while reducing security risks, including:
Security should be built into devices and the networks they use at the outset rather than as an afterthought.
Industry and governments should consider implementing a comprehensive set of security standards or best practices for networked medical devices to address underlying risks.
Private-private and public-private collaboration must continue to improve.
The regulatory approval paradigm for medical devices may need to evolve in order to better incentivize innovations while enabling healthcare organizations to meet regulatory policy goals and protect the public interest.
There must be an independent voice for the public, to ensure patients and their families have a voice, the goal being to strike a balance among effectiveness, usability, and security when the device is implemented and operated by consumers.
Companies implementing Internet of Things in healthcare should strongly consider these recommendations, setup the tools – both the technical and communication ones – and ensure compliance during the complete life cycle of the solutions.