Becker's recent article on the “hospital room of the future” highlights a rush to modernize healthcare. Hospital executives speak of digitization until “virtually every object and sensor becomes part of the so-called 'Internet of Things.“
Rooms equipped with cameras and monitors, listening to voice commands, robotic nursing for repetitive tasks such as feeding and turning, makes the hospital room of the future look much more interactive than the sterile environments we find today in most hospitals.
Extending IoMT into patient homes introduces new risks
Ultimately, the goal is to extend the Internet of (Medical) Things into patient homes. In terms of patient experience, we must examine an already-considerable challenge, healthcare cybersecurity. How will we tackle the secure management of this technology once our homes become the “point of care”?
Hospitals operate to a safety-first policy, always. The focus on patient experience ahead of preparedness, infrastructure resiliency, and risk maturity puts that philosophy at risk.
Other industries are more prepared
Many industries, including utilities, which already spend over twice as much on cybersecurity as healthcare organizations, are also undergoing an IoT transformation. Apart from cybersecurity budgeting, the IoT deployment focus starts with internal operations, or back office. This includes optimizing energy and water generation or tracking real time smart grid data. These indicate sensible, safer approaches within a mature risk management culture.
The article also makes comparisons to the media industry (“taking a page from Netflix”), suggesting we monitor patient and family interaction with bedside content in order to glean important patient information. The media and advertising industries have taken data gathering and analytics to fuel user profiling, which could happen when patients engage with content. What happens when this reaches the home? Who is responsible for remote patient security?
In cybersecurity, one of the most mature industries is financial services, where the introduction of significant regulation in the early 2000’s compelled today’s sophisticated investment in banking infrastructure. This goes far beyond privacy protection, to the security and resiliency of systems, and by extension (with cyber-physical systems and IoT) to end user safety.
As the cybersecurity industry has learned over the last 20 years, consumer-facing priorities need a solid technology management foundation and risk-first culture, before the consumer-facing bells and whistles can operate safely. With safety as a first priority, let's hope healthcare cybersecurity builds that foundation before we rush into the hospital room of the future only to bring some unsavory consequences with us.
Author: Justine Bone
For more information, please contact info@medsec.com