The realm of wearable healthcare has transcended step counting and basic vitals monitoring. Millions of individuals are now under remote medical supervision, leveraging wearables for early disease detection, treatment management, and improved patient-doctor interaction.
As these Internet of Medical Things (IoMTs) become smarter and more connected, they become more and more vulnerable to cyber threats. The sheer volume of sensitive health information collected by these devices makes them a prime target for hackers. Unsecured data traveling through wireless networks is particularly vulnerable to interception. Recent research even highlights the potential for manipulating health data using sound waves or compromising location privacy through heat map leaks. The threats can go beyond an individual’s data theft and fraud, individual’s health data eventually becomes part of the physicians record and its theft, altering or loss can affect the financial health and reputation of the medical facility as well.
During the recent Ascension Seton ransomware attack reported on May 8, 2024, I showed up for a lab appointment, but my X-ray taken the week before never made it. A healthcare worker in Austin reported to me that all tests and authorizations coming or going from Ascension Seton were delayed. Slow manual processes of authorizing treatment and sharing and protecting data were in place. Exacerbating the situation was the fact that most healthcare providers today weren’t practicing in the 1980s and therefore had no practical experience operating in this throwback scenario.
Bottom line is any disruption of electronic health records (EHR) can have devasting and wide reaching consequences. My missing x-ray was a minor finger wound and not of severe consequence, but not so for a cardiac patient that depends on accurate portable heart monitor readings reaching their doctor on time. The consequences begin with degraded patient care and ripple through the entire healthcare system.
The Weak Underbelly of Wearable Medical Device Data Resiliency
Several inherent vulnerabilities plague IoMTs data resiliency—making sure data gets where it is needed, when it is needed, and is accurate and unaltered.
Missing Authentication: Many wearable devices lack basic security measures like PIN protection or user authentication.
Encryption Void: Third-party apps often neglect to encrypt data, leaving valuable health information exposed during transmission and storage.
Unavailable or unstable networks: We do not live in a world where network connectivity and bandwidth are always available all the time. Even networks assumed to be adequate have exceptional circumstances where bandwidth can be hogged by less urgent applications placing urgent data, such as medical device data, on standby (See Robotaxi blog post for an example of how Robotaxis stopped when network bandwidth was chewed up by cell phone users at a nearby concert in San Francisco).
Insecure Wireless Connections: Bluetooth, Near-field communication (NFC), and WiFi connections are convenient, yet they can be susceptible to hacking if not properly secured.
Lost, Stolen and Failed Devices: Ever wear your “waterproof” exercise watch to track laps in the pool? Then you know what I mean.
Cloud Storage Risks: Once sent from the wearable medical device for use by the medical team, any data stored in a cloud environment faces threats like DDoS attacks, SQL injection, or backdoor infiltration attempts.
These vulnerabilities exist and can be exploited to steal, alter or ransom sensitive medical records, posing significant risks to patients and healthcare providers.
Resilient Data Based on a Zero Trust Architecture: The Guardian Angel of Medical Wearables
To combat these challenges, a resilient data platform grounded in a "Zero Trust" security approach is essential. The Zero Trust security approach eliminates the concept of inherent trust within systems. Every device, user, network and application is constantly evaluated for legitimacy. This "never trust, always verify" approach minimizes potential damage if a device is compromised. However, security is not enough. With medical data the data must get where it is needed, by the time it is needed—think heart readings vs. minor x-ray—and it must be verifiably accurate and unaltered—think cancer diagnosis.
Kinnami AmiShare: The Resilient Data Champion for Medical Wearables
Kinnami's AmiShare secure resilient data mesh provides an ideal foundation for implementing resilient data and Zero Trust principles in complex distributed edge environments for devices such as laptops, mobiles, drones, robotics, autonomous systems and even medical wearables.
Medical wearables developers can leverage Kinnami AmiShare to foster trust and adoption within the healthcare industry. Resilient data—data availability, protection and security—is a requirement for medical devices, but it’s not the primary purpose of a medical device. Medical device developers, just want the data to be there and have depended upon a patchwork of solutions that provides data security, protection and availability separately from one another. Securing the data is just part of the problem; making sure the data gets where is needed and by the time it is needed involves intelligent system resource balancing and policy-driven data management, which scales.
That is how AmiShare delivers resilient data.
High Availability: Maintaining the flow of critical healthcare data—real-time access to health information—is vital in many scenarios. Kinnami AmiShare is designed to ensure data remains constantly accessible while maintaining robust security protocols.
Intelligent Data Management: An AI-driven policy engine manages data prioritization and movement, ensuring it's available where and when needed. AmiShare even operates autonomously in disconnected environments and will prioritizing urgent data for optimal real-time delivery when network availability is there.
Client-side End-to-end Encryption: AmiShare creates and maintains multiple copies of data across the distributed secure data mesh, ensuring data availability even in cases of loss or corruption. When data enters the AmiShare platform, it is fragmented, encrypted, replicated and distributed according to policy. Data remains encrypted at all times—at rest and in transit—shielding it from unauthorized use. Even if a device is lost or stolen the data on that device can be wiped by destroying encryption keys, which makes the data irretrievable and inaccessible.
Decentralized Architecture: AmiShare's is built for complex distributed environments and eliminates single points of failure. Policy-driven data management utilizes the best available paths for high availability.
Unstable or Degraded Networks: AmiShare seamlessly operates autonomously when connections are lost, ensuring data reaches its intended destination by prioritizing data movement based on pre-defined policies and selecting the best available route.
Continuous Monitoring and Surveillance: AmiShare’s audit system continuously surveils the system to monitor for changes in the environment and unexpected data access patterns.
Data Authenticity and Accuracy: AmiShare provides data provenance tracking, a clear history of data origin and modifications.
A Resilient Future for Wearable Healthcare
The future of wearable healthcare devices promises continuous improvement in medical outcomes. However, resilient data is critical to ensure data is where is it needed by the time it is needed. Kinnami AmiShare is resilient by design, purpose built for edge applications, and provides the high-level of data security and privacy that medical wearables must have.
If you’d like to discuss resilient data needs for medical wearables or any other edge-related resilient data challenge, please email me: patricia.friar at kinnami dot com
Comments