The Internet of Things (IoT) for the healthcare sector was worth $60 billion in 2014, and growing rapidly, estimated to reach a net worth $136 billion by 2021.
Today, a typical hospital utilizes hundreds of connected devices including implantables, wearables, monitors, workflow, imaging, and patient data systems.
These touchpoints offer several advantages for better patient care; however, many medical IoT devices lack robust security and could serve as an entry point to access the hospital’s network.
Another potential weak link is in-home telehealth medical devices, such as those used to monitor a patient’s blood sugar or blood pressure.
When the data is sent wirelessly to medical providers over the open internet or an exposed Wi-Fi connection, the hospital’s system is temporarily vulnerable to a cyberattack.
Benefits to patient care
The healthcare industry places a high priority on initiatives that save time, money, and lives.
For example, tracking technology offers a way to follow people and equipment in a hospital. Improved patient flow reduces wait times and procedure delays. Better staff-to-patient ratios can be maintained from centralized command stations, and data may be analyzed retrospectively to improve processes.
In general, patient data has never been more accessible.
Today, everything from ventilator readings to nursing station data can be viewed from connected devices anywhere in the hospital.
With readily available patient care data, physicians can make decisions faster, resulting in improved clinical outcomes and reduced costs.
It’s no surprise then, that IoT in the healthcare sector is booming. But, the key issue to resolve is how to mitigate the risk to healthcare IoT devices?
Simplicity implies risk in connected medical devices
No matter how sophisticated the medical device, digital security is typically an afterthought.
Medical IoT devices are designed foremost for usability, but with this simplicity of design, most fail to support encryption. This means that any time a medical IoT device is used to connect with a hospital network or healthcare database, there is a risk of interception or infiltration.
This could happen when ambulance drivers use mobile devices to relay patient data to the ER, when mobile health clinics (MHCs) transmit patient information to their database, or when in-home telemedicine devices transmit data to healthcare providers.
It’s no secret that hospitals are a favorite target of ransomware attacks. This is in large part due to porous digital security and the ever-growing number of unsecure connected devices.
According to the World Privacy Forum, a medical record (name, address, social security number, and health ID number) fetches $50 on the black market compared to a live credit card number which goes for only $3.
Infiltrating a hospital network or healthcare database would provide criminals with access to thousands of personal medical records.
Mitigating the risk
Incorporating security measures into the design of connected medical devices would likely cost prohibitive, and to date, the FDA has been hesitant to implement strict guidance in this area.
Most IoT medical devices stream data and information with repeatable frequency, but securing IoT traffic from a large number of devices and sensors can be overwhelming.
A portable security tool, such as the GoSilent Cube, is an optimal solution for detecting and preventing activity such as remote IoT configuration tampering.
With this protection, medical device data can be securely tunneled and monitored for threat analysis. From a web-based console, administrators can securely communicate with IoT devices deployed within a hospital, medical center or offsite in patient homes.
Requiring only 500 milliamps at 5 volts of power on boot, and averaging 250 milliamps at 5 volts in normal use, GoSilent is unmatched in performance per watt, a critical metric in IoT deployments.
Plus, at a size of only 2” x 2”, the device portability simplifies deployment.
GoSilent is priced substantially lower than other next-generation firewall solutions and is designed to accommodate highly scalable IoT environments with thousands of nodes such as those found in hospitals and large medical centers.