Healthcare technologies that seamlessly connect devices and data in secure networks are closer than we think
Healthcare technologies that seamlessly connect devices and data in secure networks are closer than we think
China, Apple, Google and the most plugged-in patients in history are racing towards a new day where medical devices can speak to one another in an “internet of things”, pick up clinical errors and feed data into health records.
Doctors and health IT experts are also looking forward to a better time – one where someone comes up with a plan for assuring the safety and security of the data-driven, interconnected, tech-heavy health system we have today.
Todd Cooper, an international authority on health IT, says rapid advances in connectivity are being driven by pressure from manufacturers in China and India, plus a surge of activity in Big Data and analytics, with IBM, Apple and others entering the fray.
Google’s tie-up last year with Dexcom, a continuous glucose-monitoring device specialist, to offer tiny wearable devices for people with diabetes, was an example of the direction of innovation.
“They are going to shrink (the existing technology) onto a Band Aid-sized sensor that you can put on and it will work with your smartwatch or smartphone,” Mr Cooper told a workshop of clinicians and health informaticians in Melbourne last month.
“It will take that glucose measurement and put it up into the cloud, and Google will be able to do the analytics, crunch the data and put it up into the cloud to provide better management for customers.”
On the heels of the Google-Dexcom tie-up, the pace of change quickened with the announcement in May of a partnership between Medtronic, another traditional heavyweight device maker, and Qualcomm Life, a subsidiary of mobile communications leader Qualcomm.
Using Qualcomm’s communications network, the partners will be able to control and deploy architecture to cover diabetes monitoring from the home to the hospital, Cooper, who is the chief executive of California-based Breakthrough Solutions Foundry, says.
“This is no longer research. It is reality, and it is coming on very soon.”
But much more is also upon us.
For instance, a detection monitor linked with data from an infusion pump can be used to check a patient’s response to medication. If it detects a minute irregularity, the system will access a genomic profile of the patient and use a decision-support knowledge base to alert a clinician to review the medication if appropriate.
“Obviously, the device manufacturers weren’t aware their data would be plugged into this system, the various vendors were not focused on this kind of system. But by pulling all these pieces of a system together, you can do some pretty interesting things,” Cooper said.
“These are the kinds of systems we are seeing come on in the future. These are being commercialised today.”
So what could possibly go wrong? he asks.
“Who is responsible for the safety and effectiveness and secure implementation of these next-generation technologies? Will the clinical and biochemical engineering guys even be part of that dialogue and discussion?”
Flinders University Professor of Digital Health Systems, Trish Williams, told delegates at the workshop that healthcare was an easy target for attack, with a system comprised of large and small organisations and myriad connections in between.
“We are rubbish at security, absolute rubbish,” she said.
While hacking was an enduring threat – by individuals using ransomware in a bid for financial gain or even state agencies trying to steal intellectual property embedded in medical devices – the convergence of technologies was set to be a growing headache, she said.
Malware getting into a medical device could mean the device would not function as it was supposed to, with possibly dire implications for patient safety. However, breach detection was difficult in the absence of constant system monitoring.
“Software is important not just as a medical device but in taking other bits of technology and turning them into a medical device. It’s that convergence and integration of technology that’s causing us the problem,” she said.
“It may not yet be (patients) taking smartphones into the emergency department and saying this shows my blood pressure over the last six weeks. But the idea that your personal device is going to be used in that health setting is not very far away.
“So when we talk about security in this convergence environment, we have a lot of puzzle pieces to put together.”
Professor Williams, co-director of the new Flinders Digital Health Research Centre, said security weaknesses existed at every interface between devices and software.
“Every time you have a handover from a device to a piece of software or another device is a potential vulnerability.”
Many problems could be avoided with scrupulous attention to software and system upgrades, but they would be easier to manage in a single medical practice than in one connected to 10 others, she added.
“What we want in healthcare is things that seem seamless. It needs to fit in with workflow and clinical practice.
“It does mean we have to start doing security by design rather than as an afterthought. That has been a problem because of the amount of time it takes to develop and manufacture devices, some of which have been on the market for decades.”
The half-day workshop was held by Integrating the Health Enterprises, an international network of some 900 organisations which runs ‘connectathons’ where vendors can trial their products and develop standards to solve interoperability problems.
Network chair Dr Vince McCauley, who is chief medical officer at Telstra Health’s Emerging Systems, noted perverse barriers to security.
“The cost of undergoing the testing the regulators want when you have upgraded the security of a device is so high, and the delays are so significant, it is a real negative driver for vendors to improve the security of their devices,” he said.
“So there are devices in the field that haven’t had their security addressed for years. That means they are at significant risk.
The car manufacturers had the same sort of problems, but they dealt with their regulatory environment so they can do those updates rapidly when they need to.”
