Patient data security in the era of medical connected devices

Authors

  • Tudor C DRUGAN Department of Medical Informatics and Biostatistics, Iuliu Haţieganu University of Medicine and Pharmacy, Louis Pasteur Str., no. 6, 400349 Cluj-Napoca, Romania.
  • Dan ISTRATE Department of Medical Informatics and Biostatistics, Iuliu Haţieganu University of Medicine and Pharmacy, Louis Pasteur Str., no. 6, 400349 Cluj-Napoca, Romania.

Keywords:

Data Collection, Medical Device, Internet of Things (IoT), Data Protection

Abstract

Internet of Things (IoT) is a domain that includes embedded devices connected to a network and used in multiple applications such as: transport, telecommunications, medicine, industrial field and many others. Medical Connected Devices are IoT devices and have their origins in wireless sensor networks and extend this concept by proposing applications in which embedded devices connected to the Internet help automate user tasks. Thus, IoT devices are imagined in multiple applications, from home scenarios (smart home) to clinical scenarios.

Considering that IoT devices impact the medical practice and patient life, there is a pressing need for security mechanisms. Security is considered one of the most important IoT characteristics, but it is not considered a key factor influencing acceptance rate.

Medical IoT devices are an attractive target for attackers, as they operate with private user data and can be used as an attack vector (for example, for DoS attacks). The peculiarity of the IoT context is that a security breach can endanger human lives or privacy, as well as causing economic damage. Another particular feature of the Medical IoT context is the difficulty of designing security solutions, due to the multiple limitations of the devices, including: hardware and software limitations, lack of input-output modules, installation scenarios and more. Given these particularities of IoT devices and adding the multitude of software and hardware platforms, along with the lack of standardization, there is a pressing need for new security solutions.

Without complying with basic cyber security standards, many medical IoT manufacturers focus exclusively on the features of the devices they sell. In many cases, they do not check for vulnerabilities in the final version of the product, nor for the corresponding applications through which the product can be controlled. It could be negligence, but a more likely explanation is that this approach reduces production costs and speeds up product placement. In any case, this affects buyers who are likely to suffer financial consequences or lose sensitive information when hackers start exploiting the flaws.

Downloads

Published

14.09.2019

How to Cite

1.
DRUGAN TC, ISTRATE D. Patient data security in the era of medical connected devices. Appl Med Inform [Internet]. 2019 Sep. 14 [cited 2024 Dec. 25];41(Suppl. 1):10. Available from: https://ami.info.umfcluj.ro/index.php/AMI/article/view/743

Issue

Section

Special Issue - RoMedINF