Privacy and Security and the Internet of Things

internet of things In the future, everything will be connected.

That future is almost here.

internet of things In the future, everything will be connected.

That future is almost here.

Over a year ago, the Federal Trade Commission held an Internet of Things workshop and it has finally issued a report summarizing comments and recommendations that came out of that conclave.

As in the case of the HITECH Act’s attempt to increase public confidence in electronic health records by ramping up privacy and security protections for health data, the IoT report — and an accompanying publication with recommendations to industry regarding taking a risk-based approach to development, adhering to industry best practices (encryption, authentication, etc.) — seeks to increase the public’s confidence, but are doing it the FTC way: no actual rules, just guidance that can be used later by the FTC in enforcement cases. The FTC can take action against an entity that engages in unfair or deceptive business practices, but such practices are defined by case law (administrative and judicial), not regulations, thus creating the U.S. Supreme Court and pornography conundrum — I can’t define it, but I know it when I see it (see Justice Stewart’s timeless concurring opinion in Jacobellis v. Ohio).

To anyone actively involved in data privacy and security, the recommendations seem frighteningly basic:

build security into devices at the outset, rather than as an afterthought in the design process;

train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;

ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;

when a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;

consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network;

monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.

consider data minimization – that is, limiting the collection of consumer data, and retaining that information only for a set period of time, and not indefinitely;

notify consumers and give them choices about how their information will be used, particularly when the data collection is beyond consumers’ reasonable expectations.

Stakeholders and FTC staff agreed that it is too soon for IoT-specific privacy and security legislation, and reiterated the agency’s the 2012 call for broad-based, flexible, technology-neutral data security and breach notification legislation. (See Health Populi for more on the IoT report.) The President seems to be in favor of strong, uniform, data privacy and security rules as well.

READ

How To Use SMS To Increase Customer Satisfaction In Healthcare

Uniformity would be a good thing. As things stand now, the FTC and OCR have overlapping jurisdiction when it comes to enforcing privacy and security rules with respect to health data. (Oh, and let’s not forget about state attorneys general and, while we’re at it, private lawsuits, as vehicles for enforcement). While overlapping jurisdiction should not matter to those of us who are in compliance with the rules, the problem is that the rules (at least on the FTC side) are not necessarily clear. That issue is magnified because FTC enforcement can include long-term monitoring and reporting on remediation and compliance, and can drive a company out of business. (Consider the LabMD case, just for instance.)

In addition, the IoT report covers some of the same ground as the FDA’s recently-issued draft guidance entitled General Wellness: Policy for Low Risk Devices, which complements last year’s mHealth guidance.

When the federals put a stake in ground — as they have with all of these issuances — innovation can proceed because we all have a better sense of the contours of the regulatory landscape. The problem is that these are guideposts that can shift in unpredictable ways in the future, or that can easily disappear — like the landmarks disappearing under a blanket of heavy snow falling outside my window as I type this post.

Nevertheless, it is possible to plan for that inscrutable future by building products and services, and communicating with partners, consumers and regulators, in a way that honors public expectations and the policies underpinning the government’s various declarations about data privacy and security.

READ

Making Sense Of The Surge Of Voice Recognition Software In Healthcare

everything is connected / shutterstock

Understanding The Impact Of Google’s Medic Update On Health Sites

How Health Facilities Can Prepare For Natural Disasters

10 Major IT Challenges Healthcare Organizations Are Facing Today

Navigating The Changing Landscape Of The Medical Marijuana Industry

Why Meal Planning Is Good for Your Budget & Your Health

How Do I Become A Clinical Documentation Specialist?

How To Get Capital For New Equipment For Your Healthcare Business

Financial Benefits For People Suffering From Dementia

How Health Facilities Can Prepare For Natural Disasters

10 Major IT Challenges Healthcare Organizations Are Facing Today

4 Tips For Home Health Care Agencies To Survive The Worker Shortage

Top Tips For A More Eco-Friendly Healthcare Facility

Telemedicine Is An Efficient Tool To Transform The Healthcare Industry

How Startups Are Bringing Healthcare To Rural Areas

7 Important Benefits Of Electronic Health Records (EHRs)

Cataract Procedures: Which One Is Best For You?

7 Important Benefits Of Electronic Health Records (EHRs)

Three Practical Uses For Wearables In EHR

Patient Misidentification: Just How Damaging Is It?

Dealing With A Health Crisis? Avoid Medical Identity Theft With These Tips

Top 5 Ways Mobile Apps Are Impacting Health And Fitness Industries

How To Use SMS To Increase Customer Satisfaction In Healthcare

Top 5 Advantages Of A Heart Rate Monitor – For Workouts And Daily Life

Google Fitness Platform And The Future Of Fitness Apps

Why You Need To Know The Risks Of Self-Diagnosis

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

Making Sense Of The Surge Of Voice Recognition Software In Healthcare

What Goes Into The Cost Of A CT Scanner?

7 Key Factors to Consider When Choosing a Family Dentist

Here Is Everything You Need To Know To Purchase A New MRI Machine

What Goes Into The Cost Of A CT Scanner?

Here Is Everything You Need To Know To Purchase A New MRI Machine

How Anesthesia Can Be Delivered With Anesthesia Machines

The Roles And Responsibilities Of An Audiologist

Making Sense Of The Surge Of Voice Recognition Software In Healthcare

Important Things To Know About Advances In Healthcare Robotics

Here’s How Technological Innovation Is Transforming Healthcare

Origin of Popular Surgeries

What to Expect as a First Time User of CBD Gummies

Four Signs That Show You Need Rehabilitation

How To Choose The Right Dentist: Try These 6 Simple Steps

Dealing With A Health Crisis? Avoid Medical Identity Theft With These Tips

The Muddled Relationship Between Your Health Initiatives and Credit Score

Crooked Teeth vs. Perfect Teeth: Clip-On Veneers

How Does Fat Leave Your System When You Lose Weight?

Pros And Cons Of Flossing: Why Is This Dental Tip Overlooked?

The Positive Impact Of Outdoor Activities And Events On Kids’ Health

3 Things To Consider When Looking For A Heart Doctor

The Value And Criticism Of Robot-Assisted Heart Surgery

Here’s What To Know About Sleep And Heart Health

Is It Time to See a Cardiologist?

Crooked Teeth vs. Perfect Teeth: Clip-On Veneers

Pros And Cons Of Flossing: Why Is This Dental Tip Overlooked?

Dental Anxiety: Why It’s Common And How To Deal With It

5 Simple Tips for Optimal Oral Health

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

How Does Fat Leave Your System When You Lose Weight?

The Positive Impact Of Outdoor Activities And Events On Kids’ Health

How Can Parents Prevent Obesity In Children

Do Fat Burners Work? Busting Five Weight Loss Supplement Myths

Four Ways to Banish Back Pain For Good

The Most Important Things To Know When Choosing A Chiropractor

A Guide to Caring for Bunions

5 Best Exercises to Strengthen Your Lower Back

Are You Healthy Enough to be a Surrogate?

5 Tips for a Healthy Pregnancy

3 Nutritious Foods To Eat During Your Second Trimester Of Pregnancy

A High Fiber Diet During Pregnancy May Reduce Celiac Risk In Children

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week