Privacy and Security and the Internet of Things

internet of things In the future, everything will be connected.

That future is almost here.

internet of things In the future, everything will be connected.

That future is almost here.

Over a year ago, the Federal Trade Commission held an Internet of Things workshop and it has finally issued a report summarizing comments and recommendations that came out of that conclave.

As in the case of the HITECH Act’s attempt to increase public confidence in electronic health records by ramping up privacy and security protections for health data, the IoT report — and an accompanying publication with recommendations to industry regarding taking a risk-based approach to development, adhering to industry best practices (encryption, authentication, etc.) — seeks to increase the public’s confidence, but are doing it the FTC way: no actual rules, just guidance that can be used later by the FTC in enforcement cases. The FTC can take action against an entity that engages in unfair or deceptive business practices, but such practices are defined by case law (administrative and judicial), not regulations, thus creating the U.S. Supreme Court and pornography conundrum — I can’t define it, but I know it when I see it (see Justice Stewart’s timeless concurring opinion in Jacobellis v. Ohio).

To anyone actively involved in data privacy and security, the recommendations seem frighteningly basic:

build security into devices at the outset, rather than as an afterthought in the design process;

train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;

ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;

when a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;

consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network;

monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.

consider data minimization – that is, limiting the collection of consumer data, and retaining that information only for a set period of time, and not indefinitely;

notify consumers and give them choices about how their information will be used, particularly when the data collection is beyond consumers’ reasonable expectations.

Stakeholders and FTC staff agreed that it is too soon for IoT-specific privacy and security legislation, and reiterated the agency’s the 2012 call for broad-based, flexible, technology-neutral data security and breach notification legislation. (See Health Populi for more on the IoT report.) The President seems to be in favor of strong, uniform, data privacy and security rules as well.

READ

What You Should Know Before Filling A Wrongful Death Claim

Uniformity would be a good thing. As things stand now, the FTC and OCR have overlapping jurisdiction when it comes to enforcing privacy and security rules with respect to health data. (Oh, and let’s not forget about state attorneys general and, while we’re at it, private lawsuits, as vehicles for enforcement). While overlapping jurisdiction should not matter to those of us who are in compliance with the rules, the problem is that the rules (at least on the FTC side) are not necessarily clear. That issue is magnified because FTC enforcement can include long-term monitoring and reporting on remediation and compliance, and can drive a company out of business. (Consider the LabMD case, just for instance.)

In addition, the IoT report covers some of the same ground as the FDA’s recently-issued draft guidance entitled General Wellness: Policy for Low Risk Devices, which complements last year’s mHealth guidance.

When the federals put a stake in ground — as they have with all of these issuances — innovation can proceed because we all have a better sense of the contours of the regulatory landscape. The problem is that these are guideposts that can shift in unpredictable ways in the future, or that can easily disappear — like the landmarks disappearing under a blanket of heavy snow falling outside my window as I type this post.

Nevertheless, it is possible to plan for that inscrutable future by building products and services, and communicating with partners, consumers and regulators, in a way that honors public expectations and the policies underpinning the government’s various declarations about data privacy and security.

READ

Implementing Data To Increase Employee Engagement In Healthcare

everything is connected / shutterstock

How Do I Become A Clinical Documentation Specialist?

Top 5 Points You Need To Know About Medical Marketing

4 Tips For Home Health Care Agencies To Survive The Worker Shortage

How To Get Capital For New Equipment For Your Healthcare Business

How Do I Become A Clinical Documentation Specialist?

How To Get Capital For New Equipment For Your Healthcare Business

Financial Benefits For People Suffering From Dementia

Cautious Health Care Lending Can Prove Lucrative For The Lenders

4 Tips For Home Health Care Agencies To Survive The Worker Shortage

Top Tips For A More Eco-Friendly Healthcare Facility

Why Mobile Apps Are Indispensable For Telemedicine

Why It’s Key To Take Care Of Medical Debt To Avoid Health Issues Later

What To Know About How mHealth Apps Benefit Heart Patients

How Appropriate Technology Enhances Physician Answering Services

Patient Engagement Helps Healthcare Systems And Patient Outcomes

Online Healthcare: A Helping Hand In Today’s Society

7 Reasons You Need Digital Marketing For Your Medical Practice

Why It’s Key To Take Care Of Medical Debt To Avoid Health Issues Later

Tips To Follow To Help Avoid Surprise Medical Bills

The Global Eye Tracking System Market Is Expected To Skyrocket In The US

Patient Engagement Helps Healthcare Systems And Patient Outcomes

The Future Of Real Time Location Systems In Healthcare

The Global Eye Tracking System Market Is Expected To Skyrocket In The US

Why HIPAA Matters To mHealth Apps More Than Ever

Why You Need To Know The Risks Of Self-Diagnosis

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

What To Know About How mHealth Apps Benefit Heart Patients

Is Virtual Reality the Next Big Thing for Mental Health?

Patient Engagement Helps Healthcare Systems And Patient Outcomes

10 Important Technology Tips For Healthcare Workers

Here’s Why Plastic Surgery Shouldn’t Be Taboo Anymore

How Tech And Medical Equipment Is Changing The Patient Approach

The Value And Criticism Of Robot-Assisted Heart Surgery

Critical Features To Include In Your Health And Nutrition App

Is Virtual Reality the Next Big Thing for Mental Health?

Patient Engagement Helps Healthcare Systems And Patient Outcomes

Here’s Why Plastic Surgery Shouldn’t Be Taboo Anymore

5 Technologies That Are Revolutionizing Healthcare

How to Get Started with Volunteering to Take Care of Animals Abroad

What The CVS Healthcare Expansion Means For Medical Practices

The Status Of Child Health And Wellness In America Today

What Are Home DNA Tests And How Do They Change Our Life?

Why The Psoriatic Arthritis Treatment Market Is Set To Grow

How Serious Is Sugar Addiction, And Should You Be Worried About It?

3 Nutritious Foods To Eat During Your Second Trimester Of Pregnancy

Try These Dental Hygiene Tips For A Healthy Lifestyle

11 Overlooked Flossing and Brushing Mistakes that Cause Oral Health Issues

The Value And Criticism Of Robot-Assisted Heart Surgery

Here’s What To Know About Sleep And Heart Health

Is It Time to See a Cardiologist?

Can Artificial Intelligence Diagnose Illnesses Better Than Other Methods?

Try These Dental Hygiene Tips For A Healthy Lifestyle

11 Overlooked Flossing and Brushing Mistakes that Cause Oral Health Issues

Healthy Teeth is not an Option! It’s a way of Healthy Life

Can Teeth Whitening Kits Really Improve Your Smile?

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

How Serious Is Sugar Addiction, And Should You Be Worried About It?

5 Ways Meditation Can Help You With Weight Loss

Fueling Your Exercise Goals

How To Boost Your Metabolism For Effective Weight Loss

Your Guide to Foot Gains: The 7 Best Foot Exercises for Stronger and More Flexible Feet

Causes Of Lower Leg Pain And Sore Calves To Know About

How To Take Care Of Your Bone Health In Your Forties

Body Pain: Causes, Prevention, And Treatment Tips To Know

3 Nutritious Foods To Eat During Your Second Trimester Of Pregnancy

A High Fiber Diet During Pregnancy May Reduce Celiac Risk In Children

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week

2015 CPT Coding Changes and Your Radiology Practice

How Serious Is Sugar Addiction, And Should You Be Worried About It?