Are Smart Pills a Smart Idea for the IoT?

Cloud Security Health

Smart Pills and IoT

It stands to reason that the medical industry would be the most likely place for groundbreaking and disruptive tech advancement. An aging baby boomer population—a huge slice of America

as we know it—is seeking to prolong their parents’ lives and eventually their own. To put it lightly, there’s a lot of money in medicine.

Healthcare accounts for about 17 percent of the nation’s GDP, and an ever-ballooning part of the American healthcare product is a suite of tech innovations collectively called telehealth, a term we’re seeing a lot of these days. Regis College defines telehealth not as a particular thing, but as something people do:

Medical professionals use the Internet to gather and share information as well as monitor the health conditions of patients by using peripheral equipment and software such as video conferencing devices, store-and-forward imaging, and streaming media.”

In that sense, there’s huge concern about whether the gathering and sharing of information through telehealth meets the Health Insurance Portability and Accountability Act (HIPAA) standards. These are rigorous standards designed to protect patient information. Now, the smart pill, a new entrant to the internet of things, seem to have it all figured out.

Abilify MyCite relies on a silicon chip in each pill to relay information to a wearable patch. When you take a pill your stomach acid activates the chip, which then tells the wearable patch what time you took the pill along with information about your “activity and stress levels at the point of ingestion,” according to MD Connect. How the chip is able to measure your activity and stress levels is unclear. After the patch receives data from the chip, it encrypts them and transmits them via Bluetooth to an app on your phone. From there, the app encrypts the data once more, and MD Connect points out you have the choice to either share the data with your physician or simply keep track of your own compliance over time.

Compliance is important for patients who take Abilify because they can have a hard time functioning without it. The drug treats symptoms of schizophrenia and bipolar disorder. Yet the FDA notes that “the ability of the product to improve patient compliance with their treatment regimen has not been shown.” Moreover, “Abilify MyCite should not be used to track drug ingestion in real-time or during an emergency because detection may be delayed or may not occur.

In other words, the pill may be able to provide info about compliance but there’s no guarantee the patient will take it, nor is there any guarantee the pill’s silicon sensor will work once it’s in your system.

The symptoms of schizophrenia include paranoia, so it’s not hard to imagine a paranoid person feeling squeamish about taking a pill with a chip embedded in it. The worry, as the New York Times points out, is over a “Biomedical Big Brother.” What if data is leaked to a government entity or even advertisers? MD Connect maintains that the short amount of transmission time between the pill and the wearable patch make it nearly impossible to intercept that signal, while end-to-end encryption provides security between the patch, the app, and the endpoint at the doctor’s office.

The patient who takes the pill can give up to four people access to their data. From the patient’s perspective, concerns over privacy would revolve around the veracity of the app’s claim that data is only shared with the patient’s treatment team—that is, the family members, caretakers, and medical personnel with whom the patient wants to share data.

For the pill to comply with HIPAA, the patient’s data absolutely must remain private according to the patient’s wishes. If the data ends up in a third party’s hands, it’s a violation of the law. Tell that to a hacker seeking to profit from medical data.

As this infographic from University of Illinois at Chicago shows, data security is a huge concern for the healthcare industry:

Smart Pills and IoT

(Infographic Source: healthinformatics.uic.edu)

In 2018, about 50 percent of smartphone users will have health apps on their phones. At the same time, 1 out of 3 people had their data compromised by a security breach of some sort in 2016. In 2015, nearly 112 million people saw their data end up in unknown hands due to a hacking or IT incident.

What’s at stake here for Abilify MyCite and other future pills with embedded sensors? Treatment teams can access Abilify MyCite’s data from a web portal, so the app does transmit patient data to the cloud. This opens up the whole host of issues surrounding security when it comes to each person’s use of a personal device to access electronic health info. Passwords have to be tough to crack; operating systems, firewalls and security software must be up-to-date; the cloud provider must enable remote wiping; and the data provider must conduct an annual HIPAA security risk analysis.

Overall, there’s a reason why experts recommend people shouldn’t use their personal devices to access electronic health records. People get all sorts of viruses on their computers, and cybersecurity threats are multiplying. Abilify MyCite has the right idea with end-to-end encryption. Now it’s up to each member of a patient’s treatment team to keep the data safe.

By Daniel Matthews

Louis
More CISOs will have to deliver revenue growth to protect their budgets and grow their careers in 2023 and beyond, and a core part of that will be getting multicloud security right. It’s the most common infrastructure strategy for ...
Tosin Vaithilingam
Divestitures: What to consider during the migration process "Divestitures require careful planning and execution, but they can create tremendous opportunities for companies to transform their businesses and unlock new growth potential." - Ginni Rometty, former ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
David Discenza
Four Ways to Improve Cybersecurity (Updated: December 9th, 2022 ) Cyber-attacks on businesses have become common place. In fact, it’s estimated that a cyber-attack occurs every 39 seconds. Who are the targets of these attacks? ...
10 Leading Open Source Business Intelligence Tools
Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up the decision-making process. Open Source Business Intelligence Tools make it easier to have our raw ...
Maxim Melamedov
Trouble is Brewing Cloud Paradise - 2023 Will Determine Company's Long-Term Plans for Cloud Use The relationship between developers and the cloud was practically love at first sight. For years, migration to the cloud in ...
Matt Hallett
Data Clean Rooms are Changing the Game for Marketers It’s no surprise that data clean rooms (DCRs) have become the go-to solution for customer insights. With the depreciation of cookies and growing concerns about data ...
Gilad David Maayan
Network Security in the Public Cloud What is Network Security? Network security is a strategic approach to securing an organization’s resources and data across the corporate network. It helps protect organizations of all sizes, industries, ...