It’s time for us to seriously consider which patient care and monitoring devices should be connected to the internet
In the first Jurassic Park movie, Jeff Goldblum’s character made this profound (for Hollywood) statement about humans manufacturing dinosaurs: “You were so busy proving you could do something that you never stopped to consider if you should.” There’s a lesson here for today’s technology innovators, and it is time for us all to seriously consider which patient care and monitoring devices should be connected to the internet.
Cyber security in healthcare will always be difficult, as medical care and practice require instant access to data and to the diagnostic and treatment technologies that depend on it. Healthcare workers simply don’t have the luxury of time to manage multi-factor authentication and complex encryption solutions as they move from room to room and patient to patient. Yet one important and overlooked strategy is for medical device and technology vendors to apply solid benefit-risk frameworks when deciding whether a medical device needs to be directly connected to the internet or a local data network at all.
For example, connecting an implantable pacemaker to the internet allows software updates to be automated, the device’s performance to be monitored, and even the patient’s physiology to be tracked. This functionality confers clear benefits on the device manufacturer from the standpoint of quality control and risk management. It also offers potential benefits for patients, but what are the corresponding risks? Could hackers disrupt the device? Could loss of signal lead to a perception of device malfunction, possibly leading to unnecessary procedures? What about patient privacy? Technologically, these types of attacks are clearly possible, but how do we calculate the medical risk-benefit ratio? Unlike hospital-acquired infections, adverse drug reactions, and other well quantified models of medical risk-benefit, we have no clear or common frameworks for cyber threats in healthcare. Yet with US hospitals currently having on average 10-15 connected devices per bed, we desperately need them.
Interestingly, while calculating the risk-benefit ratio of implantable pacemakers and other medical devices is complex, we are increasingly encountering another kind of situation where the tradeoffs are clear. More and more, we are bombarded with marketing and pop science content promoting gadgets, appliances, and devices with internet connectivity. Even if they are not medical devices and serve no purpose in the care of patients, in the internet of things (IoT) all these appliances and gadgets have the potential to compromise healthcare systems.
In 2017, the IoT brought us coffee machines that took down factory networks, a fish tank that was used to hack a casino, and hackers seizing control of everything from automobiles to hover scooters, and the list goes on. While an internet connected toaster appears convenient and harmless, the real danger is not the device itself but, as in most of the cases above, the potential for that device to be exploited to gain entry to a connected network and then to attack or exploit what is on it.
Using the infection control metaphor of my previous BMJ Opinion piece, connected devices are infection vectors and their chains of transmission can be complex. For example, consider a grade school child who connects his or her laptop or phone to the wireless network at school and at home. Now assume that he or she has a parent who connects their phone to that same home network and also to the hospital network where they are employed. You now have a viable chain of transmission from a public elementary school to a hospital network: a device that joins two networks is a bridge between them, and whatever it picks up on one side it can carry to the other. Not only is this chain of access viable, it is actually attractive, as hackers can target any institution indirectly, which provides a layer of misdirection that can shield their actions from investigation. This happens every day.
Where are the essential benefits to offset the cyber risks of IoT devices and appliances? How “wired” should even the most modern hospitals be? Healthcare workers, administrators, and engineers have the opportunity to exert control over cyber threats within their environments by simply keeping these things in mind when managing the physical clinical environment.
Yet the connected world we live in means that these questions aren’t confined to medical technology or to devices that are used in a healthcare setting. The simple truth is that, all else being equal, cyber risk decreases as the number of connected devices (endpoints) is decreased: every endpoint removed is one fewer point of entry and one fewer potential bridge between networks. Perhaps we should be thinking of assessing the medical risk-benefit ratio of any device that is part of a chain of access to a healthcare system.
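The chain of transmission from school to hospital described above, and the claim that removing endpoints removes chains of access, can be made concrete by treating devices and networks as a graph in which a device is connected to every network it joins. The following is an added illustration, not code from the article or its author; the device and network names, and which networks each device joins, are a constructed inventory chosen to match the school-to-home-to-hospital scenario.

```python
"""Model a chain of access as a device/network graph and find the bridges.

Devices and networks form a bipartite graph: an edge means the device joins
that network. A device on two networks bridges them, so compromise can travel
device -> network -> device -> network. Constructed example; not real data.
"""
from collections import deque

# Constructed inventory (assumption): which networks each device joins.
MEMBERSHIP = {
    "child_laptop":  {"school_wifi", "home_wifi"},
    "child_phone":   {"school_wifi", "home_wifi"},
    "parent_phone":  {"home_wifi", "hospital_wifi"},
    "infusion_pump": {"hospital_wifi"},
    "smart_toaster": {"home_wifi"},
}


def build_graph(membership):
    """Undirected adjacency: device <-> each network it joins."""
    adj = {}
    for device, nets in membership.items():
        adj.setdefault(device, set()).update(nets)
        for net in nets:
            adj.setdefault(net, set()).add(device)
    return adj


def shortest_chain(membership, start, target):
    """Breadth-first search from one network to another.

    Returns the alternating network/device/network/... list, or None when
    no device bridges the way. Neighbours are visited in sorted order so the
    result is deterministic.
    """
    adj = build_graph(membership)
    if start not in adj or target not in adj:
        return None
    prev = {start: None}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        if node == target:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in sorted(adj[node]):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None


def bridging_devices(membership):
    """Devices that join more than one network: each is a potential hop."""
    return sorted(d for d, nets in membership.items() if len(nets) > 1)


def reachable_without(membership, removed, start, target):
    """Is target still reachable from start once one device is removed?"""
    trimmed = {d: n for d, n in membership.items() if d != removed}
    return shortest_chain(trimmed, start, target) is not None


def choke_points(membership, start, target):
    """Devices whose removal alone breaks every chain from start to target.

    These are the endpoints where a connectivity decision has the most
    effect; a device that is not on any chain (the toaster here) is still an
    entry point to its own network but not a bridge to the target.
    """
    if shortest_chain(membership, start, target) is None:
        return []
    return sorted(d for d in membership
                  if not reachable_without(membership, d, start, target))


if __name__ == "__main__":
    print("chain:", " -> ".join(shortest_chain(MEMBERSHIP, "school_wifi", "hospital_wifi")))
    print("bridges:", bridging_devices(MEMBERSHIP))
    print("choke points:", choke_points(MEMBERSHIP, "school_wifi", "hospital_wifi"))
```

In this inventory the parent’s phone is the only choke point: removing either of the child’s devices leaves the other as a bridge, while the toaster is never on the school-to-hospital chain at all. A real inventory would be larger and the same search applies unchanged; the useful output is not the path itself but the short list of devices whose dual-homing is doing the bridging.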
Eric D Perakslis is a scientist and technologist with more than 20 years direct experience in technology and cybersecurity within healthcare, academia, and biopharmaceutical research and development. He is currently the chief scientific officer at Datavant and visiting scientist in biomedical informatics at Harvard Medical School. Previously, Eric was the CIO and chief scientist (informatics) at the US FDA, as well as SVP Data Sciences at Takeda R&D and SVP R&D Informatics and IT at J&J Pharmaceutical R&D.
Competing interests: None declared.