Doctors, Data and Devices: Securing IoT in Health Care

May 15, 2017, 09:00 AM by qaisar khalifa
The Internet of Things has the power to change health care, but a security-first mindset is critical to ensure the safety of patients and their data.

The Internet of Things (IoT) is perhaps one of the most transformative technologies of our time. The ability to connect devices and services to increase efficiencies, streamline operations and reduced manual labor has permeated multiple facets of our lives, enabling us to interact with technology and data in ways previously thought impossible.

As a result, companies in multiple industries are embracing IoT to help differentiate themselves from their competitors and increase customer satisfaction, which ultimately increases their bottom line. In the healthcare space, IoT’s capabilities go well beyond fomenting healthier revenues to producing healthier patients—and sometimes even saving lives, as healthcare wearables can spot symptoms of life-threatening events such as heart attacks and immediately alert the user and healthcare provider to seek care.

IoT is not a slam dunk, however. The technology required to implement IoT effectively requires a network that can easily handle the multiple connections and resulting traffic loads. What’s more, the myriad sensors and data points can mean multiple points of attacks for cybercriminals looking to steal confidential patient information or take down entire networks—or, perhaps worse, hold data hostage for a ransom.

To ensure data is protected and patient care isn’t compromised—and to ensure compliance with privacy and other regulations—healthcare facilities must make security their first priority in designing and implementing IoT technology. However, that doesn’t mean companies have to spend a lot of money on security technology; basic security measures can go a long way in keeping IoT devices secure without negatively impacting the user experience.

Data encryption: The sheer enormity of the amount of data from IoT devices often necessitates the cloud be an essential element of IoT implementations. However, the flow of data from multiple devices over multiple networks—both wired and wireless—can be an easy target for hackers. Therefore, all the data traffic and applications must be encrypted not only on the healthcare facility’s internal network but also on those of its outsourcing providers, including cloud services providers.

Authorization: To help keep data safe, devices and users alike should only be allowed access to the information they need. Devices should collect only the data required for their intended operation, with only users who have been authorized able to access that data. Setting up the right authorizations—and regularly updating them to reflect employee changes—can be a particularly effective line of defense against data breaches.

Passwords/credentials: Most applications and devices come with a default username and password, which are well-known and easily accessible. Before any data is transmitted, usernames and passwords should be changed to ones that aren’t easily cracked.

What’s more, the connected device network should never be configured in a way that exposes authentication credentials in data traffic over the facility’s network.

For IoT environments that include wearable devices, patient authentication is also important, at both the device and system level. Authentication ensures the correct information is being generated by and shared with the correct patient.

Having the right hardware, software and services is not only necessary, but critical in creating a secure, compliant and effective IoT environment. A powerful network is an essential element, providing the performance necessary to power IoT and other technologies in healthcare. Dedicated and broadband connectivity solutions are helping clinics, physician offices and hospitals to provide services related to today’s healthcare technologies. A fiber-rich IP network supports a full line of dedicated, broadband and WiFi connectivity services, ensuring an always-on, always-connected environment that works for everyone. Healthcare facilities should look for a network services provider that can handle every aspect of the network, from provisioning to management, to help them focus on providing services and not on maintaining their network.

The Internet of Things has the power to change the way health care is delivered, patients are treated and healthcare facilities operate. But IoT requires a security-first mindset to ensure data remains safe and patient health is not compromised. Practicing good security hygiene from the onset is an important first step in creating a healthy IoT environment.

Photo credit: Janitors via VisualHunt / CC BY

Learn how Comcast Business can help
keep you ready for what's next.