Hacked Medical Devices? Yes. It Could Happen.

Digital medical devices entered mainstream healthcare more than a decade ago, but their widespread adoption and accessibility has grown significantly in the last few years. However, there is a major area of concern that needs to be considered on the heels of this rapid growth. As with any other internet-connected device, it is critical to remember that wireless medical devices, implants, and wearable gadgets are vulnerable to one of the most dangerous cyber flaws – hacking. It’s absolutely possible for someone to hack an insulin pump and direct it to deliver too much or too little insulin. A pacemaker could be remotely turned off, and a defibrillator could be manipulated to administer an unintended lethal shock. While we haven’t yet seen or heard of such incidents, except perhaps from a fictional TV show or two, we are inching dangerously closer to a future where medical cyber-crime could possibly wreak deadly havoc.

Security is an important issue for all regulated industries as they explore the benefits of new technology, mobile, and connectivity – and perhaps there is nowhere that it is more vital than in the healthcare industry, where millions of lives are dependent on the reliability and security of these technologies and devices.

Why Should we be Worried?

Fitness and health monitoring has recently hit point of mass adoption in the form of wearable technology, with about one in every six U.S. consumers already using some form of wearable. In 2013, fitness devices such as Fitbits, Jawbone UPs, and Nike FuelBands contributed to 97 percent of all smartphone-enabled activity trackers sold in stores or online. The question is, what happens to all the sensitive data generated by these devices? Do we have a choice as to who has access to it? Of course, we don’t intend to share our medical information with strangers, but what if this happens without our knowledge?

Let us, for instance, put aside the life-threatening consequences of medical hacking. Even then, medical data thefts could open doors to several different critical possibilities. For example, when making a health insurance claim, if your insurer can access your activity and track behavior that might falsely appear to nullify your claim, they may then be able to use that information to unjustly refuse payment on your claim.

While this is just a minor example of what could happen if data falls into the wrong hands, even more unnerving is the surveillance capabilities of wearable gadgets. A recent survey by the Pew Research Center and Smithsonian magazine revealed that 17 percent of respondents who were reluctant to consider the Internet of Things and embedded devices as beneficial for mass use were worried that implants or connected devices with their “always-available computing could lead to other social ills.” This is exactly what happened in 2011 when FitBit was under fire because it measured the sexual activity of its users. And yes, those stats showed up in Google search results.

Do we have a Safety Net against Possible Threats?

The answer to that question is, not yet. However, a lot of research has been taking place in hopes of securing the use of wireless medical devices. Researchers from Rice University are experimenting with encrypted heartbeat as a way to disarm hacking attempts. A joint-team of researchers from Purdue University and Princeton University have built a prototype firewall that could also prevent such attacks. However, all of these are still in their testing phase and their potential in a real-life situation is not known yet. Even government regulations are not strong enough when it comes to approving devices for safe usage and protecting users from health care related cyber-crimes.

Clearly, the rate of adoption of advanced medical devices is outpacing the development of necessary security measures. This is, unfortunately, leaving users susceptible to violations of privacy as well as more nefarious forms of cyber-crimes. Unless these security concerns are quickly and efficiently addressed, there could be a significant decline in the trust users place in such wireless monitoring techniques. That kind of mistrust could ultimately lead to an impediment in further development of devices with amazing potential in health care.

Is the security of medical devices a concern to you? Do you think about the data that is collected by wearable devices falling into the wrong hands? Let us know if you feel this is something that needs to be addressed sooner rather than later or if it is something that you dont feel poses a major threat. We would love to hear your thoughts.

If you would like to learn more about this and other digital health topics register for MobCon today.

Photo Credit: lifeinsurance89441 via Compfight cc