IoT will become all-pervasive in industry, business and domestic settings, and healthcare is one of the sectors which has a great deal to gain. Introduction of IoT-type technologies is already underway – for example in wearables, implantables, injectables, robotics and automation. Yet there is likely to be pain as adoption rates increase and significant concerns already exist across the board with the security of the new products and systems.
Indeed, it is likely there will be headlines (of the shocking and sensational kinds) before we truly get on top of the emerging issues:
If someone hacked your records and found out your blood type, or prevented access to your medical records – would that be serious? To some degree – yes, but the healthcare industry has been dealing with those problems for decades.
What if your pacemaker, or insulin pump was compromised and (remotely) increased speed or dosage? That could be fatal of course – and widely understood. But what needs to be done?
One part of the challenge is in the culture. Many health professionals and administration staff are simply not aware of the threats that they could/will encounter. Default/easy to guess passwords are still widespread, communications ports are still being left open – Bluetooth enabled (0000/1234) defibrillator anyone?
So the industry must work harder on awareness and training.
And what responsibilities are incumbent on the eco-system, the supply chain, the regulators, the patient? The messy mix of applications make for a complex situation that needs to be managed at a speed consistent with the need to transform healthcare – crossing geographical, as well as legal boundaries.
Hear more about the challenges from Caroline and her call to action on Youtube.
Caroline Rivett, KPMG
Caroline used her talk at the IoT security conference to issue a call to action for the healthcare industry, and reach out to cyber security professionals.
