Personal health data, alongside financial data, is by its nature one of the most closely guarded areas of personal information. New connected services depend on personal data being collected, transferred (usually to a cloud-based platform) and analyzed for actionable insights. And the amount of data we can effectively leverage seems to increase exponentially with every new smart device and wearable product that reaches the market. Given the personal nature of the data being collected, security and privacy are the key considerations.
Both healthcare companies and regulatory bodies are acknowledging the importance of this collected healthcare data. In Europe, the recently completed General Data Protection Regulation (GDPR), which comes into force in May 2018, has been introduced in part to ensure that healthcare consumers are protected.
Emerald DeLeeuw, CEO of GDPR consultants Euro Comply, explains, “Any company, anywhere in the world, that handles the data of EU citizens can be fined up to 4% of their annual turnover for non-compliance with the GDPR. This ensures that life sciences companies will be on the right side of this legislation; reviewing their policy adherence, IT infrastructure and ensuring suitable staff training. Companies are responsible for their entire data supply chain, so can be skipped as service providers if they are not compliant. I think the EU recognizes the benefits of integrated healthcare, and the GDPR is legislating to make it as safe as possible.”
Another consideration with our new integrated healthcare ecosystem is the security of our connected devices themselves. Recent high-profile episodes have revealed that some connected consumer devices are more secure than others. For example, routers have been shipped with easy-to-guess passwords such as “test” or “admin”. This means that these devices could be compromised by inbound connections, and then used to send requests to high-profile websites as part of “botnet” attacks.
One innovative approach to offering a connected healthcare solution while avoiding these dubious inbound requests was outlined recently at the IoT Solutions World Congress in Barcelona, where I spoke with Philips’ John Romero, who outlined the Philips eAlert solution. This hardware device sits alongside Philips “big iron” machines such as MRI and CT scanners and measures environmental variables, alerting an engineer by SMS if the data suggests a repair will be needed soon. The end result is that these sophisticated pieces of equipment are repaired before the hospital even knows there is an issue that needs repairing. An additional benefit of using this device is that there is not an inbound connection option for the Philips eAlert, aside from secure hospital networks. This means that the security issues which have plagued a large number of connected devices are simply not an issue here, as rogue traffic requests have no easy way of getting into the connected device to take part in an attack.
What is clear is that consumer appetite for integrated healthcare solutions is rising, while healthcare professionals themselves view this trend hugely positively. Our collective concerns about privacy and security are being met with protective legislation such as the GDPR, and innovative solutions such as the Philips eAlert.
So will the Phono Sapien also come to rely on their mobile device for healthcare? I would say this is the tip of the iceberg. With the introduction of new data collection technology such as wearables, and ever-sophisticated mobile solutions extending healthcare beyond the hospital, we are on the verge of a personal healthtech revolution.