iot health

IoT Evolution Health News

IoT Evolution Health Home

In the Healthcare IoT Gold Rush, Developers Cannot Overlook Security

By Special Guest
Mark de Clercq, Director, Low Power Connectivity, Dialog Semiconductor
April 19, 2018

The impact of the Internet of Things can be felt across a broad spectrum of industries, touching our lives at home, in the workplace, and on our commutes between the two, in countless ways. But, where the IoT is having a particularly profound effect is the healthcare space. Cutting-edge, innovative devices like smart pacemakers, inhalers, blood pressure monitors and wellness wearables are making it easier than ever to track and catalog personalized health data – data that can be leveraged for better doctor diagnoses and patient outcomes.

As the Internet of Things continues to radically reshape the healthcare world, and do so at an increasingly faster pace, it’s imperative that IoT engineers are not rushing their devices to meet these burgeoning market demands – and, in that rush, neglecting essential device security concerns that may be putting users’ data at serious risk.

Where healthcare IoT may infringe on user privacy
Cyberattacks like the recent security exploits Spectre and Meltdown have put new names to longstanding issues with connected devices – namely, the risk of sensitive user information being compromised because of design vulnerabilities outside of their control. These risks are especially acute in a shared infrastructure like healthcare IoT, where patient data isn’t just being handled by patients, but countless other touchpoints among doctors, administrators, insurers and so on.

What Spectre and Meltdown illustrated was that vulnerabilities far outside of users’ control or awareness can have immense consequences for their own privacy. Connected devices that collect or manage users’ medical data may be running on processors vulnerable to current or future exploits like Spectre and Meltdown – a design flaw that most involved would have no idea about but puts their information at risk for data hacking or harvesting all the same.

Other stories, like the FDA’s 2017 recall of almost 500,000 pacemakers over command and control risks, also highlighted how the connectivity element of healthcare IoT devices invites the potential for bad actors. Pacemakers are not nice-to-have luxuries; for the patients who need them, they’re literally matters of life and death. The idea that hackers may be able to backdoor their way into hijacking these devices for their own means is incredibly troubling.

Adopting a proactive stance on healthcare IoT security
But, for all the security risks and vulnerabilities posed by healthcare IoT devices, there’s a lot that can be done to address and rectify these concerns right out of the gate. Developers and engineers can take a more proactive stance here, by building robust cybersecurity protections into their designs from the beginning. These protections have to rely on interconnected layers of hardware and software.

On the hardware level, this can span secure key storage, random number generators, hashing functions and cryptographic accelerators, to name a few examples, that should be integrated into IoT systems on a chip (SoCs). These hardware blocks are key for any device’s security – but, they’re also functionally useless without a layer of equally sophisticated software protections to go with them. Encryption, authentication and secure booting are a few critical software services that should be prioritized for integrating within the architecture of the security hardware.

The IoT can be a double-edged sword – on the one hand, leveraging connections across countless devices for better collection and application of user data; on the other hand, having this data trade hands so often that it introduces sensitive information to new security risks. This dichotomy feels especially potent in the healthcare space, where the data being collected, leveraged and possibly compromised pertains to our health and well-being. The IoT is offering promising new breakthroughs in the health and medical world, but we can’t overlook its potential security concerns and must address the threats through serious and proactive security engineering.  

About the author: Mark de Clercq, Director, Low Power Connectivity, Dialog Semiconductor, joined the company in 2007 as Product Marketing Group Manager. Prior to this, he was a design engineer at Phillips Electronics and held research and teaching posts at McGill University.




Edited by Ken Briodagh


SHARE THIS ARTICLE
Related Articles

Asimily Studies the Internet of Medical Things: How Adopting a Holistic, Risk-Based Approach is Key for HDOs

By: Alex Passett    8/23/2023

Internet of Medical Things company Asimily published a new report studying the effects of cyberwarfare on the modern healthcare industry.

Read More

GlobalPlatform Leads the Way in Automotive Security

By: Greg Tavarez    5/28/2023

GlobalPlatform launched a comprehensive initiative to address automotive security challenges and foster collaboration within the industry.

Read More

Validic Expands Healthcare IoT Platform with Integration of Smart Meter's Cellular-Enabled Health Devices

By: Stefania Viscusi    4/5/2023

Validic, a digital health company, announced it has integrated with Smart Meter, a connected health solution supplier, to expand its healthcare IoT pl…

Read More

CenTrak Announces Workflow Software for Improved Healthcare Solutions

By: Alex Passett    1/19/2023

End-to-end healthcare solutions provider CenTrak has introduced Workflow, its new software designed to remove manual burdens in clinical settings.

Read More

The Internet of Cannabis: How Sensor-Based Networks and Precision Horticulture are Going Next Level

By: Reece Loftus    12/19/2022

With its Grow as a Service offering, PharmCloud's has created Cannabis Industry 4.0, with IoT sensors placed throughout the growth process to enable m…

Read More