Are Smart Pills a Smart Idea for the IoT?

Cloud Security Health

Smart Pills and IoT

It stands to reason that the medical industry would be the most likely place for groundbreaking and disruptive tech advancement. An aging baby boomer population—a huge slice of America

as we know it—is seeking to prolong their parents’ lives and eventually their own. To put it lightly, there’s a lot of money in medicine.

Healthcare accounts for about 17 percent of the nation’s GDP, and an ever-ballooning part of the American healthcare product is a suite of tech innovations collectively called telehealth, a term we’re seeing a lot of these days. Regis College defines telehealth not as a particular thing, but as something people do:

Medical professionals use the Internet to gather and share information as well as monitor the health conditions of patients by using peripheral equipment and software such as video conferencing devices, store-and-forward imaging, and streaming media.”

In that sense, there’s huge concern about whether the gathering and sharing of information through telehealth meets the Health Insurance Portability and Accountability Act (HIPAA) standards. These are rigorous standards designed to protect patient information. Now, the smart pill, a new entrant to the internet of things, seem to have it all figured out.

Abilify MyCite relies on a silicon chip in each pill to relay information to a wearable patch. When you take a pill your stomach acid activates the chip, which then tells the wearable patch what time you took the pill along with information about your “activity and stress levels at the point of ingestion,” according to MD Connect. How the chip is able to measure your activity and stress levels is unclear. After the patch receives data from the chip, it encrypts them and transmits them via Bluetooth to an app on your phone. From there, the app encrypts the data once more, and MD Connect points out you have the choice to either share the data with your physician or simply keep track of your own compliance over time.

Compliance is important for patients who take Abilify because they can have a hard time functioning without it. The drug treats symptoms of schizophrenia and bipolar disorder. Yet the FDA notes that “the ability of the product to improve patient compliance with their treatment regimen has not been shown.” Moreover, “Abilify MyCite should not be used to track drug ingestion in real-time or during an emergency because detection may be delayed or may not occur.

In other words, the pill may be able to provide info about compliance but there’s no guarantee the patient will take it, nor is there any guarantee the pill’s silicon sensor will work once it’s in your system.

The symptoms of schizophrenia include paranoia, so it’s not hard to imagine a paranoid person feeling squeamish about taking a pill with a chip embedded in it. The worry, as the New York Times points out, is over a “Biomedical Big Brother.” What if data is leaked to a government entity or even advertisers? MD Connect maintains that the short amount of transmission time between the pill and the wearable patch make it nearly impossible to intercept that signal, while end-to-end encryption provides security between the patch, the app, and the endpoint at the doctor’s office.

The patient who takes the pill can give up to four people access to their data. From the patient’s perspective, concerns over privacy would revolve around the veracity of the app’s claim that data is only shared with the patient’s treatment team—that is, the family members, caretakers, and medical personnel with whom the patient wants to share data.

For the pill to comply with HIPAA, the patient’s data absolutely must remain private according to the patient’s wishes. If the data ends up in a third party’s hands, it’s a violation of the law. Tell that to a hacker seeking to profit from medical data.

As this infographic from University of Illinois at Chicago shows, data security is a huge concern for the healthcare industry:

Smart Pills and IoT

(Infographic Source: healthinformatics.uic.edu)

In 2018, about 50 percent of smartphone users will have health apps on their phones. At the same time, 1 out of 3 people had their data compromised by a security breach of some sort in 2016. In 2015, nearly 112 million people saw their data end up in unknown hands due to a hacking or IT incident.

What’s at stake here for Abilify MyCite and other future pills with embedded sensors? Treatment teams can access Abilify MyCite’s data from a web portal, so the app does transmit patient data to the cloud. This opens up the whole host of issues surrounding security when it comes to each person’s use of a personal device to access electronic health info. Passwords have to be tough to crack; operating systems, firewalls and security software must be up-to-date; the cloud provider must enable remote wiping; and the data provider must conduct an annual HIPAA security risk analysis.

Overall, there’s a reason why experts recommend people shouldn’t use their personal devices to access electronic health records. People get all sorts of viruses on their computers, and cybersecurity threats are multiplying. Abilify MyCite has the right idea with end-to-end encryption. Now it’s up to each member of a patient’s treatment team to keep the data safe.

By Daniel Matthews

Gary Taylor

5 Reasons Why Virtual Desktop Infrastructure Will Go Mainstream Post 2020

Virtual Desktop Infrastructure Growth Virtual Desktop Infrastructure (VDI) technology enables remote users to access their desktop from anywhere using an internet connection. This technology has been around for a couple of decades but never received ...
Steve Prentice

The Human Element of Zero Trust

The Awareness of Malicious and Threat Actors Security specialists have long known that a single weak link in a chain is all that is needed to bring down a cyberdefense. Sometimes this comes down to ...
Anita Raj

Will there be a normal to go back to after COVID-19?

The COVID-19 Aftermath Until November last year, not one of us would have expected life to take such a dramatic turn in as short as 4-5 months. Yet here we are - confined to our ...
Dr. Mike Lloyd

How to Mitigate Security Risks in the Cloud

How to Mitigate Security Risks in the Cloud Enterprises continue to spend billions annually on security technology, yet cyber breaches continue to come fast and furious. So what exactly is going on here? Why are ...
Anita Raj

The Criticality of Data Governance in a Multi-cloud Environment

The Criticality of Data Governance Multi-cloud has emerged as an enterprise favorite in almost no time.  In fact, Security Boulevard  makes a reference to a Forrester Research Report which confirms that almost 86 percent of ...
Ramanan GV

Establishing a Unified Governance Model for the Digital Workforce

Increase visual control and reduce OPEX by 30% The Digital Service Providers (DSPs) are riding an automation wave. Painful manual tasks, which burdened staffs for ages, can now be easily handled by the software bots ...