healthcare data image credits

Do you know who might steal your healthcare data?

August 1, 2017

Smartphones and phone-connected wearables are increasingly capable of collecting data on individuals and their environment via high-tech sensors. From heart rate, pulse, and body temperature to location, air quality, humidity and other relevant characteristics, the tiny elements embedded in our technology can sense and register quite an accurate image of inner and outer factors that play a role in the state and evolution of human health. But where does our healthcare data end up?

The accuracy issue in healthcare data

The professional high-quality devices are employing algorithms to compute energy expenditure in relation with a few parameters, such as age, gender, type of physical activity and, most importantly, the individual average levels in all measured data. Commercial, less expensive devices also include this features, but there is a fine accuracy line between the two categories.

As you may notice in the above-placed link, it takes quite a meticulous contribution from the user’s part in order to set these devices to correctly measure and report the registered information, as well as to learn to interpret the increasing/decreasing values and their reasons.

The low/middle end technology is not inherently exact nor is it guaranteed to perform a medical check-up. Most of the already existing devices cannot replace medical measuring instruments, nor can they offer a rate of error estimate – not when it comes to serious matters.

When devices are purposely created to serve people who have medical conditions and undergo tests and trials they come as less as leisure/entertainment gadgets and more as medical devices. It is a different category of wearable tech, but it usually comes at higher prices.

However, think of this: not all people who might have medical issues are aware of it. What happens when a person relies on a non-medical device and falsely believes his health state is better than it really is?

The bottom line would be that non-professionals are unable to truly judge the validity of technological measurement devices, so they should be aware of all the possible errors before choosing to rely on a device. In cardiovascular monitoring, chest straps for example are better than wrist devices – since the sensors are closer to the heart.

Alternatively, to test the measurements delivered by wearables via traditional means, e.g. measuring the heart rate and blood pressure with a non-digital monitor and comparing the values with the digital values.

The  healthcare data management issue

Healthcare-related devices come with associated apps. The FDA separates mobile applications from mobile medical applications, and it does that for a reason. The mobile medical apps are “intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man”, and FDA has an oversight approach in this field.

Either way, even regulated medical device applications need to be setup, customized and correctly maintained in order to provide efficient data management, processing and analysis. Patients should solicit and receive professional help in configuring the adjacent applications so that continuous monitoring would go on smoothly.

Some applications require monthly or yearly subscriptions in order to offer important personalized features and to maintain the user profile active. Without the ability of data comparison or analysis in correlation with notifications and alerts, the healthcare role of such devices and applications is rather passive. It depends on the patients to perform this type of monitoring tasks, which can prove tiresome.

Therefore once the data is collected, its processing and feedback operations are another stage where the quality of software and its configuration matters to a great extent. In addition to professional devices, patients (or healthy people concerned about their health parameters) need to have access to the best software, be it applications, programs of even online platforms that would interpret the sensor-collected data professionally.

The cyber-security issue

Considering the previous elements, cyber-security is crucial when dealing with healthcare technology.

The first vulnerability may lay with tech manufacturers: if they go for the cheaper system software or the cheaper sensors, they risk embedding weak entry points into the chipsets from the factory stage. Keeping their software updated and monitored is another must, for otherwise even the high-end sensors might get infected with malicious code bits and become corrupted.

Secondly, when managing the devices, users should take all precautionary measures to preserve their high cyber protection status. Transferring data may translate into connecting the devices to the user’s phone, tablet, laptop or desktop. One should always pay attention that these are in turn cyber-safe. Using random devices to perform data transfers is not recommended, especially when you need to keep an important device virus and malware free in view of its important healthcare role in your life. All user-initiated operations should take place on a cyber-security awareness background, or else unwanted disruptions might make the medical device unusable/unreliable.

Yet, the most dreaded cyber-security issue when it comes to healthcare data is related to cyber breaches

Intruders can access, steal, leak or use for malicious purposes all personal information stored on such a device or transferred online via an application. Depending on the medical device, the stored parameters create a virtual user ID, biometrics-wise.

In conclusion, there are two main cyber-security consequences when it comes to medical devices:

  • Having the device turned into an unreliable piece of technology due to intrusion-caused malfunctions, cyber-infections or due to remote manipulation;
  • Losing or becoming unable to access the personal (medical) data hosted by the device or by the servers linked to its operating software and its storage system, which could endanger the users’ digital identity, as well as their health safety.

Medical technology needs to be protected, functional and confidential in what its data is concerned. The more it needs a strong level of protection, the more of a hot target it becomes in what has been denominated “a new war zone” – healthcare security.