Privacy and Security and the Internet of Things

internet of things In the future, everything will be connected.

That future is almost here.

internet of things In the future, everything will be connected.

That future is almost here.

Over a year ago, the Federal Trade Commission held an Internet of Things workshop and it has finally issued a report summarizing comments and recommendations that came out of that conclave.

As in the case of the HITECH Act’s attempt to increase public confidence in electronic health records by ramping up privacy and security protections for health data, the IoT report — and an accompanying publication with recommendations to industry regarding taking a risk-based approach to development, adhering to industry best practices (encryption, authentication, etc.) — seeks to increase the public’s confidence, but are doing it the FTC way: no actual rules, just guidance that can be used later by the FTC in enforcement cases. The FTC can take action against an entity that engages in unfair or deceptive business practices, but such practices are defined by case law (administrative and judicial), not regulations, thus creating the U.S. Supreme Court and pornography conundrum — I can’t define it, but I know it when I see it (see Justice Stewart’s timeless concurring opinion in Jacobellis v. Ohio).

To anyone actively involved in data privacy and security, the recommendations seem frighteningly basic:

build security into devices at the outset, rather than as an afterthought in the design process;

train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;

ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;

when a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;

consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network;

monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.

consider data minimization – that is, limiting the collection of consumer data, and retaining that information only for a set period of time, and not indefinitely;

notify consumers and give them choices about how their information will be used, particularly when the data collection is beyond consumers’ reasonable expectations.

Stakeholders and FTC staff agreed that it is too soon for IoT-specific privacy and security legislation, and reiterated the agency’s the 2012 call for broad-based, flexible, technology-neutral data security and breach notification legislation. (See Health Populi for more on the IoT report.) The President seems to be in favor of strong, uniform, data privacy and security rules as well.

READ

How Healthcare Contact Centers Can Improve Patient Experiences

Uniformity would be a good thing. As things stand now, the FTC and OCR have overlapping jurisdiction when it comes to enforcing privacy and security rules with respect to health data. (Oh, and let’s not forget about state attorneys general and, while we’re at it, private lawsuits, as vehicles for enforcement). While overlapping jurisdiction should not matter to those of us who are in compliance with the rules, the problem is that the rules (at least on the FTC side) are not necessarily clear. That issue is magnified because FTC enforcement can include long-term monitoring and reporting on remediation and compliance, and can drive a company out of business. (Consider the LabMD case, just for instance.)

In addition, the IoT report covers some of the same ground as the FDA’s recently-issued draft guidance entitled General Wellness: Policy for Low Risk Devices, which complements last year’s mHealth guidance.

When the federals put a stake in ground — as they have with all of these issuances — innovation can proceed because we all have a better sense of the contours of the regulatory landscape. The problem is that these are guideposts that can shift in unpredictable ways in the future, or that can easily disappear — like the landmarks disappearing under a blanket of heavy snow falling outside my window as I type this post.

Nevertheless, it is possible to plan for that inscrutable future by building products and services, and communicating with partners, consumers and regulators, in a way that honors public expectations and the policies underpinning the government’s various declarations about data privacy and security.

READ

What To Know About Nutritional Supplement Packaging Safety

everything is connected / shutterstock

How to Succeed in Social Media Marketing in Healthcare

The Modern and Portable Oxygen Concentrators That You Need

What To Know About The Importance Of Healthcare Marketing

What To Know About Nutritional Supplement Packaging Safety

Why Meal Planning Is Good for Your Budget & Your Health

How Do I Become A Clinical Documentation Specialist?

How To Get Capital For New Equipment For Your Healthcare Business

Financial Benefits For People Suffering From Dementia

How to Succeed in Social Media Marketing in Healthcare

The Modern and Portable Oxygen Concentrators That You Need

What To Know About The Importance Of Healthcare Marketing

5 Strategies For Improving Healthcare Efficiency

Why Are Data Breaches So Expensive?

Hospitals Suffer From Denied Claims – Can Proper Patient Identification Help?

Robots Are Being Programmed To Perform Spine Surgeries

What To Know About The Importance Of Healthcare Marketing

Hospitals Suffer From Denied Claims – Can Proper Patient Identification Help?

All That You Need to Know About Clenbuterol

7 Important Benefits Of Electronic Health Records (EHRs)

Three Practical Uses For Wearables In EHR

How Wearable Tech Insights Are Improving Healthcare

The Roles Of AI, IoT, And Cybersecurity In Transforming Healthcare

Top 5 Ways Mobile Apps Are Impacting Health And Fitness Industries

How To Use SMS To Increase Customer Satisfaction In Healthcare

Why You Need To Know The Risks Of Self-Diagnosis

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

How Much Does An Ultrasound Machine Cost?

How To Accommodate Data Entry Services For Healthcare Industry

Why Are Data Breaches So Expensive?

The Modern and Portable Oxygen Concentrators That You Need

How Much Does An Ultrasound Machine Cost?

The Impact Of Mobile App Development On Health And Wellness

All That You Need to Know About Clenbuterol

How Has Technology Changed the Medical Sector In 2019?

What Will 5G Mean For Healthcare?

How Has Technology Changed the Medical Sector In 2019?

Making Sense Of The Surge Of Voice Recognition Software In Healthcare

Important Things To Know About Advances In Healthcare Robotics

The Rise In Medical Malpractice Costs And How They Make An Impact

Nursing Professional’s Guide to Buying Shoes to Prevent Gate Ailments

Robots Are Being Programmed To Perform Spine Surgeries

Acceptance and the Changing Face of Plastic Surgery

What To Know About Nutritional Supplement Packaging Safety

How To Manage Your Fear Of Going To The Dentist

Methods for Protein Purification in Biotechnology

The Truth Behind Hair, Skin, and Nail Supplements

Dental Don’ts: Four Dangerous DIY Projects That Should Never Be Done

Top AED Models To Minimize Risks Of Cardiac Arrest 2019

3 Things To Consider When Looking For A Heart Doctor

The Value And Criticism Of Robot-Assisted Heart Surgery

Here’s What To Know About Sleep And Heart Health

How To Manage Your Fear Of Going To The Dentist

Dental Don’ts: Four Dangerous DIY Projects That Should Never Be Done

A Guide To Maintaining Oral Hygiene And Dental Health

6 Habits That Are Harmful To The Health Of Your Teeth

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

Understanding Hypnosis For Sleep And Its Major Benefits

How To Lose Weight And Eat Food You Love By Tracking Macronutrients

How In-Home Visits Might Help Reduce Childhood Obesity

How Does Fat Leave Your System When You Lose Weight?

The Positive Impact Of Outdoor Activities And Events On Kids’ Health

What All Good Cataract Surgeons Have In Common

Body Pain And Chiropractic Care: How Are They Related?

Four Ways to Banish Back Pain For Good

The Most Important Things To Know When Choosing A Chiropractor

A Guide to Caring for Bunions

Important Early Pregnancy Signs To Be Aware Of

Prenatal Care: 5 Great Reasons to Get a Prenatal Massage

Are You Healthy Enough to be a Surrogate?

5 Tips for a Healthy Pregnancy

Radiology as an Enterprise Model for Collaboration