iot health

IoT Evolution Health News

IoT Evolution Health Home

In the Healthcare IoT Gold Rush, Developers Cannot Overlook Security

By Special Guest
Mark de Clercq, Director, Low Power Connectivity, Dialog Semiconductor
April 19, 2018

The impact of the Internet of Things can be felt across a broad spectrum of industries, touching our lives at home, in the workplace, and on our commutes between the two, in countless ways. But, where the IoT is having a particularly profound effect is the healthcare space. Cutting-edge, innovative devices like smart pacemakers, inhalers, blood pressure monitors and wellness wearables are making it easier than ever to track and catalog personalized health data – data that can be leveraged for better doctor diagnoses and patient outcomes.

As the Internet of Things continues to radically reshape the healthcare world, and do so at an increasingly faster pace, it’s imperative that IoT engineers are not rushing their devices to meet these burgeoning market demands – and, in that rush, neglecting essential device security concerns that may be putting users’ data at serious risk.

Where healthcare IoT may infringe on user privacy
Cyberattacks like the recent security exploits Spectre and Meltdown have put new names to longstanding issues with connected devices – namely, the risk of sensitive user information being compromised because of design vulnerabilities outside of their control. These risks are especially acute in a shared infrastructure like healthcare IoT, where patient data isn’t just being handled by patients, but countless other touchpoints among doctors, administrators, insurers and so on.

What Spectre and Meltdown illustrated was that vulnerabilities far outside of users’ control or awareness can have immense consequences for their own privacy. Connected devices that collect or manage users’ medical data may be running on processors vulnerable to current or future exploits like Spectre and Meltdown – a design flaw that most involved would have no idea about but puts their information at risk for data hacking or harvesting all the same.

Other stories, like the FDA’s 2017 recall of almost 500,000 pacemakers over command and control risks, also highlighted how the connectivity element of healthcare IoT devices invites the potential for bad actors. Pacemakers are not nice-to-have luxuries; for the patients who need them, they’re literally matters of life and death. The idea that hackers may be able to backdoor their way into hijacking these devices for their own means is incredibly troubling.

Adopting a proactive stance on healthcare IoT security
But, for all the security risks and vulnerabilities posed by healthcare IoT devices, there’s a lot that can be done to address and rectify these concerns right out of the gate. Developers and engineers can take a more proactive stance here, by building robust cybersecurity protections into their designs from the beginning. These protections have to rely on interconnected layers of hardware and software.

On the hardware level, this can span secure key storage, random number generators, hashing functions and cryptographic accelerators, to name a few examples, that should be integrated into IoT systems on a chip (SoCs). These hardware blocks are key for any device’s security – but, they’re also functionally useless without a layer of equally sophisticated software protections to go with them. Encryption, authentication and secure booting are a few critical software services that should be prioritized for integrating within the architecture of the security hardware.

The IoT can be a double-edged sword – on the one hand, leveraging connections across countless devices for better collection and application of user data; on the other hand, having this data trade hands so often that it introduces sensitive information to new security risks. This dichotomy feels especially potent in the healthcare space, where the data being collected, leveraged and possibly compromised pertains to our health and well-being. The IoT is offering promising new breakthroughs in the health and medical world, but we can’t overlook its potential security concerns and must address the threats through serious and proactive security engineering.  

About the author: Mark de Clercq, Director, Low Power Connectivity, Dialog Semiconductor, joined the company in 2007 as Product Marketing Group Manager. Prior to this, he was a design engineer at Phillips Electronics and held research and teaching posts at McGill University.

Edited by Ken Briodagh

Related Articles

HOYHEALTH Launches HoyDOC Mobile App Bilingual Tele-Health Platform

By: Ken Briodagh    8/15/2018

Hoy Health, a health-tech start-up that offers access to healthcare programs, recently announced the launch of its HoyDOC mobile app.

Read More

Hearing Aid Technologies to Make Life Easier

By: Special Guest    8/15/2018

In today's world full of technological advancements, it is quite common for everyone to face issues with respect to the hearing capability.

Read More

Hack the Grid: It May Be Easier Than We Thought. Now What?

By: Special Guest    8/13/2018

Cybereason reported earlier this month that the Industrial Control System environments that handle energy may be easier to hack than even the most sea…

Read More

When the FBI Speaks the IoT Listens

By: Cynthia S. Artin    8/10/2018

Recently, the FBI issued a periodic "Public Service Announcements" (PSA) with an unusual twist: a dire warning stating that cybercriminals are using t…

Read More

IoT in Health Podcast S.1 Ep.3 IFS

By: Ken Briodagh    8/3/2018

On this episode of the monthly IoT in Health Podcast, Ken Briodaghsits down with Tom DeVroy, Senior product Evangelist, IFS North America, to talk abo…

Read More