How Privacy Moves to Keep Up with the Internet of Things
There’s little doubt that the insulin pump is one of the most life-changing inventions in recent medical innovation.
A thin, permanent device administers insulin at the push of a button, eliminating the need for the patient to inject himself. An included glucose monitor checks the patient’s blood sugar and tells the patient how much insulin to administer without pricking a finger, meaning there are no more needles and less risk of a missed dose.
The installed glucose meter is what has one endocrinologist concerned, though. It’s not because it won’t work, but because Dr. David Klonoff, Medical Director of the Diabetes Research Institute at Mills-Peninsula Medical Center in San Mateo, CA, sees the potential for violating the patient’s privacy and even causing physical harm if the device is hacked. How do you break into a monitor that you wear on your hip? Through the cloud.
One of the chief design features of the glucose meter in the insulin pump is that it sends readings to the patient’s doctor automatically in order to give the doctor a clear overview of what happens with the patient’s system when he’s not sitting in the exam room. Even better, parents of young patients can monitor their kids’ blood sugar from an app on their phones at all times; it might sound like “helicopter” parenting, but it actually means these parents don’t have to restrict their kids’ activities and can feel good about letting them go spend the night with a friend or attend an out-of-town school field trip. That kind of data transmission happens through the cloud, meaning the device connects to the internet wirelessly, and without the patient or the doctor really knowing who can see the information.
Dr. Klonoff has a very specific concern in relation to these cloud-based meters, as well as other Internet of Things medical devices like pacemakers, and that’s the potential for hackers to access the data. While a hacker cannot manipulate the insulin pump itself because it’s not connected to the internet, they could theoretically manipulate the data of the glucose meter, causing the patient to give himself more or less insulin than he actually needs.
That might sound like the stuff of the next James Bond movie, in which the cybercriminals kill a software mogul through his cloud-based pacemaker, but the reality is far less alarming. For Dr. Klonoff, it’s not so much that he fears hackers will actually do this, but that there’s no set of standards in place right now to prevent privacy and security breaches with regards to Internet-connected medical equipment. That’s why he’s at work on establishing the medical practice guidelines for protecting patients’ privacy, whether it’s from hackers or data trackers.
This is one of the chief concerns privacy experts have about practically all new technology. While engineers work to improve our lives through innovation, security experts and even ethicists have to examine the ramifications of the technology and make sure we’re not opening the door to intruders of any kind. Unless security protocols are created right alongside the technology itself, there’s always the risk that the door will be closed and locked only after a cybercriminal has taught us that he can walk through it.