CybersecurityMaking mobile health more secure
With Internet-connected medical technology and digitized health records on the rise, cybersecurity is a growing concern for patients and hospitals alike. For example, a patient’s insulin pump may accept dosage instructions from unauthorized smartphones that have been infected with malicious software, or a patient’s fertility-tracking app could expose itself to nearby strangers by probing for a Bluetooth device to connect with. One research team is taking a holistic approach to strengthening the medical system’s security — from the computer networks that support hospitals, to the cloud, to the smart phone in your pocket.
David Kotz leads team to develop secured health records // Source: dartmouth.edu
With Internet-connected medical technology and digitized health records on the rise, cybersecurity is a growing concern for patients and hospitals alike. One research team is taking a holistic approach to strengthening the medical system’s security — from the computer networks that support hospitals, to the cloud, to the smart phone in your pocket.
David Kotz, a professor of computer science at Dartmouth College, leads a National Science Foundation (NSF)-funded project, titled “Trustworthy Health and Wellness” (THaW.org) which aims to protect patients and preserve the confidentiality of medical data as records move from paper to electronic form.
“Mobile medical applications offer tremendous opportunities to improve quality and access to care, reduce costs and improve individual wellness and public health,” Kotz says. “However, these new technologies, whether in the form of software for smartphones or specialized devices to be worn, carried or applied as needed, may also pose risks if they are not designed or configured with security and privacy in mind.”
For example, a patient’s insulin pump may accept dosage instructions from unauthorized smartphones that have been infected with malicious software, or a patient’s fertility-tracking app could expose itself to nearby strangers by probing for a Bluetooth device to connect with.
The NSF reports thatthe THaW team conducts research related to mobile and cloud technology for health and wellness applications. That portfolio includes authentication and privacy tools to protect health records, methods to secure small-scale clinical networks and efforts to reduce malicious activity in hospitals. The team is also training the next generation of computer scientists by involving undergraduate and high school students in research and by developing an exchange program for its postdoctoral fellows and research students.
“In complex environments having to do with health, wellness and medicine, there are a lot of moving parts involving devices, software, wireless, and wired communications, and other dimensions, which are rich in challenges for security, privacy and safety,” says NSF program officer Sol Greenspan. This project, he says, “brings together expertise and resources to work on these challenges.”
Supported by a $10-million, five-year grant from NSF’s Secure and Trustworthy Cyberspace (SaTC) program, the Frontier-scale project includes experts in computer science, business, behavioral health, health policy and healthcare information technology from Dartmouth College, Johns Hopkins University, the University of Illinois Urbana-Champaign (UIUC), the University of Michigan, and Vanderbilt University.
