The FBI recently released a public service announcement warning about the threat that Internet of Things (IoT) poses to businesses and consumers when it comes to cyber crime involving objects and devices, which clearly includes medical devices. Things like wireless heart monitors, insulin dispensers and wearables or subject to privacy breaches.
The announcement states:
Criminals can also gain access to unprotected devices used in home health care, such as those used to collect and transmit personal monitoring data or time-dispense medicines. Once criminals have breached such devices, they have access to any personal or medical information stored on the devices and can possibly change the coding controlling the dispensing of medicines or health data collection. These devices may be at risk if they are capable of long-range connectivity.
Behavioral Health, Interoperability and eConsent: Meeting the Demands of CMS Final Rule Compliance
In a webinar on April 16 at 1pm ET, Aneesh Chopra will moderate a discussion with executives from DocuSign, Velatura, and behavioral health providers on eConsent, health information exchange and compliance with the CMS Final Rule on interoperability.
While the intent is clearly to be informative and serve as a warning, it may leave some wondering,”So…what the hell are we supposed to do about it?”
Here are some questions that come to mind as it relates to healthcare:
1. Should medical device manufacturers or pharmacies recommend best practices for protecting data (or potentially be required to)? Many consumers, despite such public warnings from the FBI, still do not understand levels of risk and the magnitude of potential privacy breaches. Perhaps this kind of information be delivered more clearly on a personal level.
2. Does your Fitbit need antivirus software? It’s probably fair to say that most people aren’t necessarily concerned about other people knowing how many steps they took that day. But when it comes to dealing with providers and privacy in general, using wearables definitely imply vulnerability.
A Deep-dive Into Specialty Pharma
A specialty drug is a class of prescription medications used to treat complex, chronic or rare medical conditions. Although this classification was originally intended to define the treatment of rare, also termed “orphan” diseases, affecting fewer than 200,000 people in the US, more recently, specialty drugs have emerged as the cornerstone of treatment for chronic and complex diseases such as cancer, autoimmune conditions, diabetes, hepatitis C, and HIV/AIDS.
3. Are current home Wi-Fi networks inadequate? This isn’t a purely healthcare-related concern, clearly, but it’s becoming more and more disconcerting to think that even when you’re in your own home, browsing the Internet about things like health conditions, providers or treatment options, that information is subject to examination.
4. How easy is it really to hack devices? We touched on this when it came to the BlackBerry security experts who demonstrated how easy it was to hack a LifeCare PCA infusion pump from Hospira – even though the documentation was reportedly faulty. If things like infusion pumps are outside of the clinical environment, they could be easier to hack, apparently. But this understanding is at least partially dependent on assumptions and self-reported updates on how secure hospitals actually are.
5. Will ongoing warnings affect the market for wearables long-term, or this just a call for more adjustments? It seems clear that there will continuously need to be improvements made not just for better, more user-friendly products, but for security purposes. Will warnings like this from the FDA deter people from purchasing wearables, or will many people just decide that potential privacy invasion is just part of the ball game at this point?
Photo: Flickr user Ministerio TIC Colombia
