Emerging Technological Case Study
Using intelligent building capabilities, e.g. sensors and tracking devices in a medical building will not only boost the security of the medical facility but also perform other related operations like in-field patient monitoring, environment monitoring, storage of patients’ data, monitoring the patient response to treatment and identifying patients’ location and status. These healthcare applications ensure effective Doctor-Patient interaction and communication. It also translates into the provision of proper treatment and medicare without disturbing the patients’ comfort. However, the deployment of this new technology in a medical facility without considering the risks involved can be detrimental to the entire plan (Klingbeil & Wark, 2008).
These healthcare applications, i.e. sensors and other associated IT systems are faced with security and privacy threats. The patient’s personal information is confidential and hence should be stored in a secure environment. The possible security and privacy concerns that the medical facility must put into consideration before venturing into the plan include:
Risks when examining the patients’ critical symptoms
While the doctors may be monitoring and snooping about the patients’ vital symptoms in their attempt to detect an illness, a third party may get the patients’ data through the communication channels using a receiver antenna. The intercepted messages might contain vital information about a patients’ location and identity and thus the patients’ security and privacy will be at stake.
Threats to the data transfer
In case hospitals choose to use the wireless transfer of information in unrestricted areas, the data transfer will be under threat. After sensors have collected physiological data about a given patient, the data have to be transmitted to the remote server of the medical facility. While on transit, a third-party might capture and change the physiological data. The patient will be at risk if the changed information is sent to the server. The main types of transit attack include interception, where a third-party illegally access the transit information, and message modification where the patients’ medical data is captured, then it is modified and thus becomes misleading to the users.
Threats on the patients’ location
Some medical sensors track the patients’ mobility to ensure that the exact position of the patient is known and confusion during emergencies is minimized. Location tracking systems utilize radiofrequency waves, received signal indicators, etc. Therefore, if a third-party receives the patients’ radio signals, they might be in a position to locate the patient.
Activity-based risks
A third-party can get the health status of a patient who might be exercising or practicing in a fitness center. Using the captured data, they might guess the activity that the patient is doing and sent misleading exercise tips and messages to them thus interrupting the entire diagnosis procedure.
Replay risks
In the case of a home care facility, a third-party may attack the wireless relay point when a patient is transmitting to the main server. Usually, Rely Nodes are not guarded and a third-party may gain access to the Rogue Rely Node causing a false alarm in the remote sites. This is the most dangerous threat because it defeats the entire purpose of wireless connectivity in a medical facility (Stell, Sinnott & Jiang, 2009).
Regarding privacy issues, it stands out that the patients’ data records and information should be confidential and can only be given out with their permission. The major privacy issues associated with the above security concerns include:
Abuse of medical information
The flow of patients’ health information in the communication channel is subjected to abuse and their privacy is breached.
Leakage of prescriptions
It is clear that a lot of data leak to the third-party including the doctors’ medical prescriptions to the patient. Therefore, the privacy of the patient is abused and this can even lead to death.
Effects on the social life of the patient
When the patients’ health records leak to the public, and maybe they are suffering from mental illness, their life might not be the same again if the public fails to treat them fairly (Varandas, Vaidya & Rodrigues, 2010).
To curb the above threats, the medical facility can utilize the following mechanisms:
Cryptography
Bearing in mind that medical sensor networks carry sensitive patients’ health information, strong cryptographic functions, e.g. encryption and authentication, are paramount requirements for mounting any secure healthcare technological application. Encryption and authentication will ensure that access to patients’ data on transit by outsiders is prevented.
Management protocols
Another way of securing network applications is through management protocols. Proper implementation of network management protocols (NMP) will protect the network nodes from hackers thus efficiently managing the network resources.
Protected Routing
In the case of home care, the sensor will have to transmit patients’ data to a remote server which might be far away from the network range. Therefore, protective routing and message forwarding become a crucial service for end-to-end communication. Developing a protected routing protocol will ensure the privacy and security of the networks.
Secure Localization
Tracking devices and sensors allow the mobility of patients’ medical data accounts to a remote server. Therefore, patients should notify the administrator about their new locations to incase they decide to move.
References
Klingbeil, L., & Wark, T. (2008).A wireless sensor network for real-time indoor localisation and motion monitoring. Proceedings of the 2008. International Conference on Information Processing in Sensor Networks, 30(3),39–50. Web.
Stell, A., Sinnott, R., & Jiang, J. (2009).A clinical grid infrastructure supporting adverse hypotensive event prediction. Proceedings of the 9th IEEE/ACM International Symposium on Cluster Computing and the Grid, 12(01), 508–513. Web.
Varandas, C., Vaidya, B., & Rodrigues, J. (2010). mTracker: A mobile tracking application for pervasive environment. Proceedings of the 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops, 32(07), 962–967. Web.