Archives     Advertise     Editorial Calendar     Subscribe     Contact Us    


Navigating the Risks of New Healthcare Technologies


 

The appetite among healthcare providers for new technologies is voracious. The benefits are obvious: Individual providers and facilities want to improve care and increase convenience and reputations. New technology, however, involves risks - both to patients and in working through internal "glitches." The potential for hacking and loss of security, privacy and access increases these risks.

In considering new technologies and associated risks, it is helpful to categorize by how soon they become available.

The Near-Term: Connected Devices/IOT.

Devices that are connected to an open network are "connected devices." When those devices can then communicate with each other via the internet, they become part of the Internet of Things (IOT).

  • What it Does: Just about everything. Relevant devices include monitors in hospitals, wearables and machines to auto-administer therapies or track real-time health data.
  • Why We Want It: Connected devices and the medical IOT (mIOT) are not only part of a larger increase in telehealth, but also can increase efficiencies, reduce costs and improve care for those with chronic conditions. Connection to a network permits timely monitoring, easier delivery of software, and utilization of health-related applications by patients.
  • What's the Problem? Imagine receiving a text that your pacemaker has been hacked, and if you don't pay bitcoin into a foreign account, it will be turned off at midnight. The potential risks are as varied as the imagination. Often older technologies are retrofitted to connect to the internet without having security "baked in."
  • What Do I Do Now? You can think of the security risks of connected devices/mIOT as a manufacturing issue, a vendor issue, or a security issue. In fact, it's all three:
  • Manufacturing processes for medical devices must ensure that security is implemented from the ground up, particularly for devices with software that can be connected.
  • Vendor assessments must be robust and ongoing.
  • Devices should be included in an overall compliance program to assess, test (including pen tests) and monitor security.


The Mid-Term:
Artificial Intelligence/Machine Learning.1

Our ability to function and understand the world around us depends on our capacity to find and use patterns in our environment. AI/ML is a collection of different methods for permitting machines to do the same - learn on their own.

  • What it Does: To simplify, it takes input, gives potential responses, receives feedback and refines its responses. For example, show a machine enough pictures of fish, and it can identify a fish in a picture that it has never seen before.
  • Why We Want It: There is a correlation between how many humans are on this planet and the rate of innovation.2 To oversimplify, the more brains, the more likelihood that one of them will belong to Einstein. AI/ML allows computers to supplement humans in innovation. AI is not an incremental change but a changing of eras in which machines begin undertaking tasks that humans may not even understand. For the most optimistic, AI/ML has the potential to help create a frictionless, evolved society.
  • Where's the Singularity? You've seen the movies. Before our new overlords take over,3 there are near-term concerns. For example, the inability to know whether we're interacting with a human or a bot. Authentication, spoofing, phishing and other issues are rife.
  • What Do I Do Now? In the short term, authentication and authorization controls are required. Multi-factor authentication is a good fix. In addition, old-fashioned human contact can help. Policies that require phone calls in some circumstances (such as unexpected requests for access to data) can save headaches.


The Long-Term: Distributed Ledger Technology (Blockchain).

You likely know this from Bitcoin, but its potential for the healthcare industry is far beyond cryptocurrency.

  • What it Does: DLT connects numerous machines to increase the security and reliability of information. In addition, it drives the sharing of information and completion of transactions without a centralized authority.
  • Why We Want It: Blockchain is already impacting supply chain and other use cases and could make the counterfeiting of pharmaceuticals impossible. It could make medical records immediately available and completely secure (don't expect this in the short-term) and create "smart contracts" that are self-enforcing.
  • What's the Problem? Blockchain is slow, energy-intensive and limited (contrary to popular imagination, medical records may never be stored on a distributed ledger). Also, blockchain is software and thus subject to the imperfections of designers. Individuals can take advantage of flaws, and there is a threat of "51 percent attacks" where a limited number of actors control the entire blockchain.
  • What Do I Do Now? A good percentage of healthcare entities are considering jumping into DLT, but it's important to keep in mind the risks, as well. Consider whether to have an open or restricted (permissioned) network. If restricted, how limited, and is there a threat of a 51 percent attack? Also, consider whether the ledger should be anonymous or identified, and whether private or public (i.e., no centralized management). Each of these decisions should be based not only on the business but also the potential security of the network's members.

Machines are getting smarter faster ... and keeping up with threats will become increasingly difficult until, at some point, we rely on machines to protect us from other machines. Until then, healthcare industry professionals have a responsibility to implement technology wisely.

1 Some may note that placing AI/ML in the Mid-Term understates its current impact. We place it here because the growth of AI/ML is likely to be exponential, replacing the current drizzle of ML with a hurricane of AI in the future.

2 See, for example, https://www.sciencedirect.com/science/article/pii/S0040162513001261.

3 01010011 01001111 01010011


Roy Wyman is a partner of Nelson Mullins Riley & Scarborough LLP in Nashville, co-chair of Nelson Mullins' Cybersecurity and Privacy Industry Group and is a member of the Healthcare Regulatory and Transactional team. He can be reached at roy.wyman@nelsonmullins.com or (615) 664-5362.







WEB:

Nelson Mullins

 
Share:

Related Articles:


Recent Articles

Alexander Visits Neighborhood Health at East Side in Nashville

VIDEO of United States Senator Lamar Alexander (R-Tenn.) visiting the Neighborhood Health at East Side health center in Nashville, where he learned more about what the center is doing to provide access to health care services in urban, underserved areas of Nashville.

Read More

AMA Grants MycoDART CPT Code For Its Life-Saving Test

MycoDART, Inc., developer of proprietary DNA tests, announced its second patented assay has been granted a CPT code from the American Medical Association.

Read More

Low-level Alcohol Use Increases Miscarriage Risk

Women who consume alcohol during pregnancy -- even in small amounts -- have a 19% greater risk of miscarriage than women who don't use alcohol, according to a new study by Vanderbilt researchers.

Read More

Beating the Odds

Vanderbilt Children's Hospital researchers play key role in groundbreaking study.

Read More

Hot Topics in Healthcare Law

Never a dull moment ... the highly regulated nature of the healthcare industry keeps America's health lawyers hopping.

Read More

Vanderbilt Children's New Program Leaders, Rankings

Monroe Carell Jr. Children's Hospital at Vanderbilt has recently welcomed new leaders to oversee specialty programming and again been recognized nationally in multiple specialties.

Read More

Insuring Kids

Local experts offer insight over ongoing coverage concerns for Tennessee children

Read More

Services for Mom & Baby Expanding at TriStar Centennial

Innovative initiatives at TriStar Centennial designed to keep mom and baby safe, together.

Read More

Another Option to Address Pediatric ADHD

NeuroSigma recently received FDA clearance for the first device to treat pediatric ADHD, offering providers, patients and parents a new alternative to medication.

Read More

Back to School Reminders for Patients & Providers

Back-to-school season is here, and it's a great time to talk to patients and parents about starting off the year with healthy habits

Read More

Email Print
 
 

 

 


Tags:
AI, Artificial Intelligence, Augmented Intelligence, Blockchain, Cybersecurity, Distributed Ledger Technology, DLT, Hacking, Healthcare Technology, Machine Learning, ML, Nelson Mullins, Roy Wyman
Powered by Bondware
News Publishing Software

The browser you are using is outdated!

You may not be getting all you can out of your browsing experience
and may be open to security risks!

Consider upgrading to the latest version of your browser or choose on below: