Your personal health information is about 10 times more valuable than a stolen credit card number on the black market.
Technology pioneer isn't a role people associate with former vice president Dick Cheney, but technology security experts today give his medical advisory team props for a move made back in 2007 — disabling the wireless capability on Cheney's pacemaker. The act was, of course, a cautionary effort against any entity that might have tried to hack it to cause Cheney harm.
This is old news — Cheney revealed the story in 2013 during an interview on 60 Minutes — but in a year when the world's largest technology, medical device and health-care firms are betting big and fast on wearable technology's role in delivering patients a more precise and cost-effective way to manage their health, experts are worried that the pace of updating data-privacy laws and building infrastructures with optimal levels of security doesn't match the speed of the market's technological rollout.
The risks to consumers depend on what type of device they're wielding. In rare instances, weak links or endpoints in a cloud-based network powering something like a wearable insulin pump could be life threatening, as it opens the door to hackers tampering with them. On the privacy side, personal data culled from all types of wearables — namely, fitness trackers — are finding their way to employers, insurance companies and the black market, resulting in a range of grievances, from higher insurance premiums to identity theft.
"It's a consumer-driven movement; consumers are demanding medical-grade products that are coming from companies that are well versed in consumer electronics," said David Niewolny, health-care segment manager for Freescale Semiconductor. "These folks aren't familiar with the security type requirements that are needed for a health-care market vs. a consumer market."
Niewolny is referring to the firms that make up more than 80 percent of the health-related wearable technology market, the activity tracker upstarts like Fitbit and technology giants like Apple that are helping drive a new digital health-conscious movement into a $2.8 trillion health-care industry. Research firm Gartner estimates that more than 1.4 billion health and fitness units will ship by 2020, up from roughly 300 million today.
The segment that includes certified medical devices like continuous glucose monitors is also growing — but more slowly, given the regulatory approval process they pass through. Since 1997, the FDA has cleared 115 digital health devices, at a rate of roughly 20 per year. This year approximately 40 digital health devices have been cleared, but that includes updated/revised versions of existing products.
While the National Institutes of Health is researching ways to use wireless consumer and certified devices to collect massive amounts of health data for its Precision Medicine Initiative Cohort Program, firms like Samsung, Apple and IBM are working on platforms to enable wearables to provide to health-care staffers a more comprehensive and immediate picture of a patient's health.
To that end, medical technology firm Medtronic recently enabled real-time streaming from its continuous glucose monitor to an iPhone app, which allows diabetics to know blood sugar levels at all times. The system alerts patients when levels move too low or too high. The next iteration, which just completed a pilot test of 100 patients, will leverage the data analytics ability of IBM's Watson Health unit to alert diabetics as to when they're likely to experience a hypoglycemic event — hours in advance.
"That's the Holy Grail — the ability of sensors to continuously track you so if there looks like there's been a change in your health, you're notified before the event," said cardiologist Leslie Saxon, a professor of clinical medicine at the University of Southern California. Saxon also heads up USC's Center for Body Computing, which is studying how to engage people in sharing health-related information via social networks.
As this technology evolves and becomes more sophisticated in the way it harnesses and transmits tiny bits of data about an individual's health and behavior, so must the security protocols that preserve confidentiality and protect the device from being attacked directly.