Networked medical devices linked to the Internet of Things (IoT) hold tremendous promise if security is built in from the outset, according to a new report released today by Intel Security and the Atlantic Council.
The Healthcare Internet of Things: Rewards and Risks explores security challenges and societal opportunities for networked medical devices, including those that are wearable, temporarily ingested or even embedded in the human body for medical treatment, medication, and general health and wellness. The report makes recommendations for the industry, regulators, and the medical profession to help them maximize the value to patients while minimizing the security challenges originating in software, firmware, and communications technology across networks and devices.
Networked medical devices may improve fitness, medical outcomes and quality of life. According to the report, one estimate of these technologies could save $63 billion in healthcare costs over 15 years with a 15-to-30 percent reduction in hospital equipment costs. However, the report finds the benefits of networked healthcare come with several main areas of concern: theft of personal information, intentional tampering with devices to cause harm, widespread disruption and accidental failures.
“Networked healthcare can make the Internet of Things very personal,” said Pat Calhoun, Senior Vice President and General Manager, Network Security at Intel Security. “When a networked medical device is connected to a person, the health information that can be exchanged may dramatically improve healthcare, but the consequences of privacy and network security intrusions are equally real. Security should be built into the whole healthcare ecosystem, from the device, to the network, to the data center.”
The report provides several recommendations intended to help foster innovation while reducing security risks, including:
- Security should be built into devices and the networks they use at the outset rather than as an afterthought.
- Industry and governments should consider implementing a comprehensive set of security standards or best practices for networked medical devices to address underlying risks.
- Private-private and public-private collaboration must continue to improve.
- The regulatory approval paradigm for medical devices may need to evolve in order to better incentivize innovations while enabling healthcare organizations to meet regulatory policy goals and protect the public interest.
- There must be an independent voice for the public, to ensure patients and their families have a voice, the goal being to strike a balance among effectiveness, usability, and security when the device is implemented and operated by consumers.
Download the complete report at http://www.mcafee.com/us/resources/reports/rp-healthcare-iot-rewards-risks.pdf.
About Intel Security
McAfee is now part of Intel Security. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique McAfee Global Threat Intelligence, Intel Security is intensively focused on developing proactive, proven security solutions and services that protect systems, networks, and mobile devices for business and personal use around the world. Intel Security is combining the experience and expertise of McAfee with the innovation and proven performance of Intel to make security an essential ingredient in every architecture and on every computing platform. The mission of Intel Security is to give everyone the confidence to live and work safely and securely in the digital world.
About Atlantic Council
The Atlantic Council is a nonpartisan organization that promotes constructive US leadership and engagement in international affairs based on the central role of the Atlantic community in meeting today’s global challenges. For more information, visit: http://www.AtlanticCouncil.org.
Intel, the Intel logo, McAfee and the McAfee logo are trademarks of Intel Corporation in the U.S. and/or other countries.
*Other names and brands may be claimed as the property of others.